Windows Kerberos BadSuccessor zero-day (CVE-2025-53779)
Vulnerability
Summary
A Windows Kerberos elevation-of-privilege flaw, CVE-2025-53779, is a zero-day that can lead to domain compromise when the required environment is present. Akamai disclosed the issue in May, and the flaw is tied to systems with at least one Windows Server 2025 domain controller. Microsoft addressed it in the August 2025 security update.
Related Happenings
Microsoft Entra ID hardens browser sign-ins with stricter Content Security Policy
Security Tool/Service
First: 26.11.2025 15:26
Last: 26.11.2025 15:26
Sources 1
About this happening:
Microsoft is tightening **Entra ID** browser sign-ins with a stronger **Content Security Policy**, reducing the risk of **script injection** and **XSS-style credential theft** dur...
Microsoft Windows updates break authentication on systems with duplicate SIDs
Service Disruption
First: 21.10.2025 19:56
Last: 21.10.2025 19:56
Sources 1
About this happening:
Microsoft **Windows updates** released since **August 29, 2025** are breaking **Kerberos** and **NTLM** authentication on systems with **duplicate SIDs**, disrupting **Remote Desk...
Windows duplicate SID authentication failures mitigation guidance
Advisory/Mitigation
First: 21.10.2025 19:56
Last: 21.10.2025 19:56
Sources 1
About this happening:
**Microsoft** issued remediation guidance for **Windows** systems with **duplicate SIDs**, after updates released since **August 29, 2025** started breaking **Kerberos** and **NTL...
Windows Server 2025 AD DS synchronization disruption after KB5065426
Service Disruption
First: 20.10.2025 18:27
Last: 20.10.2025 18:27
Sources 1
About this happening:
A **Windows Server 2025** known issue is disrupting **Active Directory Domain Services (AD DS)** synchronization, causing incomplete sync for **large AD security groups** and risk...
Windows Server 2025 AD DS sync remediation
Advisory/Mitigation
First: 20.10.2025 18:27
Last: 20.10.2025 18:27
Sources 1
About this happening:
Microsoft issued a **Known Issue Rollback Group Policy** and registry workaround for a **Windows Server 2025** directory-sync bug that can disrupt **Microsoft Entra Connect Sync**...
Timeline
- 13.08.2025 11:47 · 1 article
Microsoft patches Windows Kerberos zero-day CVE-2025-53779
Initial Disclosure
Microsoft released fixes for 111 security flaws across its software portfolio and addressed CVE-2025-53779, a publicly disclosed Windows Kerberos privilege-escalation zero-day caused by relative path traversal. The issue is linked to the BadSuccessor technique against Active Directory dMSA objects, and successful exploitation requires pre-existing control of msds-groupMSAMembership and msds-ManagedAccountPrecededByLink. The same patch set also included CVE-2025-53786 for Microsoft Exchange Server hybrid deployments.
Sources:
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws — thehackernews.com — 13.08.2025 11:47
- 13.08.2025 00:47 · 1 article
Windows Kerberos BadSuccessor zero-day (CVE-2025-53779)
Initial Disclosure
Akamai disclosed **BadSuccessor** in **May** as a **zero-day** in **Windows Kerberos**, identifying **CVE-2025-53779** as a privilege-escalation flaw. The abuse path requires at least one domain controller running **Windows Server 2025**.
Sources:
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday — www.darkreading.com — 13.08.2025 00:47