#auth

Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.

Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.

**How could an attacker exploit this vulnerability?** An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.

Uncontrolled resource consumption in Windows Kerberos allows an unauthorized attacker to deny service over a network.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.

Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally.