LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

A proof-of-concept exploit, LDAPNightmare, has been released for a Windows LDAP vulnerability (CVE-2024-49113) that can crash domain controllers and potentially lead to remote code execution (CVE-2024-49112). Organizations are advised to apply the December 2024 patches or implement detections for suspicious CLDAP and DNS activity.