Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore the security vulnerabilities and attack vectors within Microsoft System Center Configuration Manager (SCCM) through this 43-minute conference talk that combines research insights with real-world red team experience. Discover how SCCM has become a favored target for adversaries due to its complexity, historical technical debt, and potential for full Active Directory compromise when successfully exploited. Learn about the speaker's journey from initial research to discovering a critical unauthenticated SQL injection vulnerability (CVE-2024-43468) that highlights the ongoing security challenges organizations face with this widely-deployed solution. Gain insights into SCCM's key internals and understand why companies, including large enterprises, continue to struggle with closing security gaps in their Configuration Manager deployments. Examine practical attack techniques developed through field experience during red team engagements where SCCM served as the primary attack path. Review relevant vulnerabilities and common misconfigurations that can lead to complete SCCM compromise, providing a comprehensive understanding of both the offensive and defensive perspectives of securing Microsoft's enterprise management solution.
