Skip to content

New Attack Path Exploits Microsoft SCCM: Researchers Discover Undocumented Way to Compromise Account Privileges

Posted by:
< 1 min read

March 28, 2024 – Published on The IT Nerd

GuidePoint Security has unveiled the discovery of an undocumented way to compromise an account and elevate privileges inside an SCCM (System Center Configuration Manager) – aka Microsoft Endpoint Configuration Manager (MECM) – network. 

GuidePoint Security’s Threat & Attack Simulation (TAS) team detected SCCM exploitation for account compromise, finding the conditions that can compromise SCCM client push and machine accounts through automatic site-wide client push installation and Active Directory system discovery. 

Read More HERE.

Categories: Threat & Attack Simulation
Tags:endpoint securityPenetration TestingSSCM

GuidePoint Security

Threat & Attack Simulation Practice
Bryan Orme, Principal and Partner at GuidePoint Security, presents an overview of our Threat & Attack Simulation Practice.
Watch Now

Related Articles

View All

  • Vulnerability Management & Penetration Testing
Threat & Attack Simulation Practice
Read More < 1 min read
  • Cybersecurity
The Brick House: Cybersecurity 2024 — Security Risks and Evolving Threats
Read More < 1 min read
  • Incident Response & Threat Intelligence
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware
Read More < 1 min read