Microsoft ADFS Flaw Allows Attackers to Bypass MFA Safeguards

CVE-2018-8340 is a flaw in Microsoft Active Directory Federation Services (ADFS) that lets an attacker bypass multi-factor authentication (MFA). The root cause is that the encrypted context ADFS uses to record a completed second factor is not bound to the account it was completed for. An attacker who already holds a legitimate, MFA-enrolled account in the same ADFS deployment can satisfy the second-factor challenge with their own device and then reuse that context to finish a login to a different user's account. The attacker still needs the victim's username and password, which is why the attack is most practical for an insider or for someone who has obtained credentials through phishing or by social engineering the help desk into resetting a password. Because the victim can be any account in the federation, including one with more privileges than the attacker's own, the flaw is also a privilege-escalation path. Microsoft released a fix in its August 2018 security updates; organizations running ADFS should apply it immediately.
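The following is an added illustration of the bug class described above, written for this page; it is not ADFS code and does not reproduce Microsoft's protocol. It models a three-step login (password, second factor, session issuance) with HMAC-signed context blobs standing in for ADFS's encrypted context, a constructed two-user database, and an RFC 4226 HOTP as the second factor. The `Server`, `attack`, and context field names are all invented for the demo. With `bind_mfa_to_user=False` the MFA context carries no account name, so an attacker who knows the victim's password can complete MFA on their own account and splice that context into the victim's login; with `bind_mfa_to_user=True` the server records whose factor was verified and refuses the mismatch.

```python
"""Toy model of an MFA context that is (or is not) bound to the account.

Illustrative code written for this page, not ADFS. Names, user database and
the signed-context format are constructed for the demo.
"""
import hashlib
import hmac
import json
import secrets
import struct

# Constructed demo user database: username -> (password, HOTP secret).
USERS = {
    "victim": ("victim-password-phished", b"victim-hotp-secret"),
    "attacker": ("attacker-own-password", b"attacker-hotp-secret"),
}


def hotp(secret: bytes, counter: int) -> str:
    """RFC 4226 HOTP (HMAC-SHA1, 6 digits); stands in for any second factor."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 1_000_000:06d}"


class Server:
    """Three-stage login: password -> second factor -> session."""

    def __init__(self, bind_mfa_to_user: bool):
        self.bind_mfa_to_user = bind_mfa_to_user
        self.key = secrets.token_bytes(32)  # server-side context signing key

    # Signed context blobs stand in for ADFS's encrypted context (assumption).
    def _sign(self, payload: dict) -> str:
        body = json.dumps(payload, sort_keys=True).encode()
        tag = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        return body.hex() + "." + tag

    def _verify(self, ctx: str) -> dict:
        body_hex, tag = ctx.split(".")
        body = bytes.fromhex(body_hex)
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(tag, expected):
            raise PermissionError("tampered context")
        return json.loads(body)

    # Stage 1: password. The context always names the account.
    def password_login(self, username: str, password: str) -> str:
        if USERS.get(username, (None,))[0] != password:
            raise PermissionError("bad password")
        return self._sign({"stage": "password", "user": username,
                           "nonce": secrets.token_hex(8)})

    # Stage 2: second factor. Vulnerable variant records only "MFA done".
    def mfa_verify(self, username: str, otp: str, counter: int) -> str:
        if username not in USERS:
            raise PermissionError("unknown user")
        if not hmac.compare_digest(otp, hotp(USERS[username][1], counter)):
            raise PermissionError("bad OTP")
        payload = {"stage": "mfa", "nonce": secrets.token_hex(8)}
        if self.bind_mfa_to_user:
            payload["user"] = username  # the fix: record whose factor this was
        return self._sign(payload)

    # Stage 3: combine both contexts and issue a session.
    def complete_login(self, pwd_ctx: str, mfa_ctx: str) -> dict:
        p, m = self._verify(pwd_ctx), self._verify(mfa_ctx)
        if p["stage"] != "password" or m["stage"] != "mfa":
            raise PermissionError("wrong stage")
        if self.bind_mfa_to_user and m.get("user") != p["user"]:
            raise PermissionError("MFA context belongs to a different account")
        return {"session_for": p["user"]}


def legitimate_login(server: Server, username: str, counter: int = 1):
    """Normal path: password and second factor both belong to the same user."""
    pwd_ctx = server.password_login(username, USERS[username][0])
    mfa_ctx = server.mfa_verify(username, hotp(USERS[username][1], counter), counter)
    return server.complete_login(pwd_ctx, mfa_ctx)["session_for"]


def attack(server: Server, counter: int = 1):
    """Attacker knows the victim's password and holds their own MFA device."""
    pwd_ctx = server.password_login("victim", USERS["victim"][0])
    own_otp = hotp(USERS["attacker"][1], counter)
    mfa_ctx = server.mfa_verify("attacker", own_otp, counter)
    try:
        return server.complete_login(pwd_ctx, mfa_ctx)["session_for"]
    except PermissionError:
        return None  # hardened server rejects the spliced context


if __name__ == "__main__":
    print("unbound context, attacker gets:", attack(Server(False)))
    print("bound context, attacker gets:", attack(Server(True)))
```

The signature on the context is not the problem in either variant; both servers reject a tampered blob. What differs is whether the signed statement "a second factor was verified" also says for whom, and whether the final step compares that name with the account from the password step.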


Relevant URL(s): https://www.helpnetsecurity.com/2018/08/14/cve-2018-8340/