Commonly Abused Windows Token Privileges: SeTrustedCredManAccessPrivilege

SeTrustedCredManAccessPrivilege: Access Credential Manager as a trusted caller

Users granted this right can use applications or processes to abuse Credential Manager in an attempt to obtain the credentials of other users on the system. The right is normally used only by Credential Manager itself during Backup and Restore and should not be assigned to any other user.

GPO Setting Path

Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment

GPO Setting Name

Access Credential Manager as a trusted caller

Token Privilege

SeTrustedCredManAccessPrivilege

Associated Security Frameworks

MITRE ATT&CK: Credential Access (TA0006)

STIG: V-220956
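
One way to check a machine against the guidance above that this right should not be assigned to users, as an added example that is not from the original page: the script exports the effective user rights assignment with secedit and reports every account listed for SeTrustedCredManAccessPrivilege. The function names and the temporary file name are hypothetical, and the script assumes an elevated PowerShell 5 or later prompt.

```powershell
# Added example: audit which accounts hold SeTrustedCredManAccessPrivilege.
# Line format parsed from the secedit export (constructed sample):
#   SeTrustedCredManAccessPrivilege = *S-1-5-21-1111111111-2222222222-3333333333-1104
function Get-UserRightHolders {
    param(
        [Parameter(Mandatory)][string[]]$PolicyLines,   # lines of a secedit export
        [string]$Privilege = 'SeTrustedCredManAccessPrivilege'
    )
    $inRights = $false
    foreach ($line in $PolicyLines) {
        $line = $line.Trim()
        if ($line -match '^\[(.+)\]$') {
            $inRights = ($Matches[1] -eq 'Privilege Rights')
            continue
        }
        if ($inRights -and $line -match "^$([regex]::Escape($Privilege))\s*=\s*(.*)$") {
            # Entries are comma separated; SIDs carry a leading '*'.
            return @($Matches[1] -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
        }
    }
    return @()   # No line for the privilege means no account is assigned.
}

function Resolve-Holder {
    param([string]$Entry)
    if (-not $Entry.StartsWith('*')) { return $Entry }   # already an account name
    $sid = [System.Security.Principal.SecurityIdentifier]::new($Entry.Substring(1))
    try { return $sid.Translate([System.Security.Principal.NTAccount]).Value }
    catch { return $sid.Value }   # orphaned SID that no longer maps to an account
}

$cfg = Join-Path $env:TEMP ("user-rights-{0}.inf" -f [guid]::NewGuid())
try {
    secedit /export /cfg $cfg /areas USER_RIGHTS /quiet | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "secedit export failed with exit code $LASTEXITCODE" }
    $holders = @(Get-UserRightHolders -PolicyLines (Get-Content -Path $cfg))
}
finally {
    Remove-Item -Path $cfg -ErrorAction SilentlyContinue
}
if ($holders.Count -eq 0) {
    'PASS: no accounts hold SeTrustedCredManAccessPrivilege'
} else {
    'FAIL: SeTrustedCredManAccessPrivilege is assigned to:'
    $holders | ForEach-Object { '  ' + (Resolve-Holder $_) }
}
```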
