Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined...

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts.

Basic Information

ID CVE-2025-11561

Source redhat

Published Oct 9, 2025 at 13:37

Modified Oct 9, 2025 at 13:51

Affected Product

Vendor Red Hat

Product Red Hat Enterprise Linux 10

CWE Classification

CWE-269

References

{
    "lastseen": "",
    "description": "A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts.",
    "published": "2025-10-09T13:37:53.089Z",
    "modified": "2025-10-09T13:51:16.600Z",
    "type": "cve",
    "title": "Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems",
    "source": "redhat",
    "references": "https://access.redhat.com/security/cve/CVE-2025-11561\nhttps://blog.async.sg/kerberos-ldr\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2402727",
    "id": "CVE-2025-11561",
    "bulletinFamily": "",
    "cwe": [
        "CWE-269"
    ],
    "cvelist": null,
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Red Hat Enterprise Linux 10",
    "version": "",
    "vendor": "Red Hat",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems_CVE-2025-11561