Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-56155

Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally.
Exploit prediction scoring system (EPSS) score
CVSS Severity
CVSS v3 Score 7.8
Proposed Action
Microsoft Active Directory Federation Services contains an insufficient granularity of access control vulnerability that allows an authorized attacker to elevate privileges locally.
Ransomware Campaign
Unknown
Products affected by CVE-2026-56155


Contact Us

Shodan ® - All rights reserved