Summary A standard domain user can exploit Arbitrary File Write/Overwrite with NT AUTHORITY\SYSTEM under certain circumstances if Group Policy “File Preference” is configured. I reported this finding to ZDI and Microsoft fixed this in CVE-2022-37955 Versions Affected Tests (April 06, 2022) were conducted on the following Active Directory setup: Domain computer: Windows 10/Windows 11 &…
EoP via Arbitrary File Write/Overwite in Group Policy Client “gpsvc” – CVE-2022-37955
