SeTrustedCredManAccessPrivilege— Access Credential Manager as a trusted caller
Provides users given this permission the ability to utilize applications or processes to abuse the credential manager in an attempt to grab credentials for other users on the system. This setting is normally exclusively used by the credential manager during Backup and Restore and should not be assigned to other users.
GPO Setting Path
Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
GPO Setting Name
Access Credential Manager as a trusted caller
Token Privilege
SeTrustedCredManAccessPrivilege
Associated Security Frameworks
Mitre ATT&CK: Credential Access (TA0006)
STIG: V-220956