BadSuccessor Exploits Windows Server 2025 Flaw for Full AD Takeover

The article describes a critical vulnerability in Windows Server 2025 that allows attackers to gain full control over any user account in an Active Directory (AD). The vulnerability, dubbed BadSuccessor, exploits a new feature in Windows Server 2025 called delegated Managed Service Accounts (dMSAs).