On May 21, researchers at Akamai published a blog post detailing a new privilege escalation vulnerability in Active Directory (AD) domains. Dubbed "BadSuccessor," the flaw affects AD domains with at least one Windows Server 2025 domain controller. The blog includes details about the flaw, as well as detection and mitigation guidance.

As of June 2, Microsoft has not yet released patches nor assigned a CVE for BadSuccessor. However, in the Akamai blog, they quote Microsoft as saying they would “fix this issue in the future.” 

For more information, including details about BadSuccessor as well as Tenable product coverage, please visit our FAQ blog.