Tom Kahana

From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)

From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)

October 22, 2025

Tom Kahana Next-Gen Identity Security

In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from […]

    CrowdStrike Falcon Platform
    Ready to protect your business?

    Try CrowdStrike free today

    Subscribe

    Sign up now to receive the latest notifications and updates from CrowdStrike

    See CrowdStrike Falcon in action