2020-09-11 17:08:24
microsoft
PUBLISHED
An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication factors.
To exploit this vulnerability, an attacker could send a specially crafted authentication request.
This security update corrects how ADFS handles multi-factor authentication requests.