CVE-2025-27740: Active Directory Certificate Services Elevation of Privilege Vulnerability

How could an attacker exploit this vulnerability?

An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.