H3-2021-0032

Credential Reuse

Description

A credential reuse issue was identified in the client's network. Attackers can exploit this weakness by obtaining valid credentials from one system and then using these same credentials to gain unauthorized access to other systems within the network.

Impact

Exploiting this weakness can allow an attacker to move laterally across different systems, escalate privileges, or maintain persistent access within the network. This can lead to unauthorized control over various systems and potentially compromise critical data.

References

• NIST Password Guidelines
• MITRE ATT&CK Technique: T1078: Valid Accounts