SCCM (Configuration Manager) is a solution provided by Microsoft to help enterprise centrally manage the configuration and software deployment of Windows computers, servers, and other devices. With the advancement of security research in AD CS, potential security risks in Microsoft's AD-related services have become a focus of attention. SCCM, due to its highly interactive nature with devices, has been found to have more than 20 known security concerns. These risks include, but are not limited to, low-privilege domain users potentially gaining control over Tier 0 assets such as MSSQL, SMS, and AD CS.

This session will focus on the security issues of SCCM, providing an in-depth analysis of its operational principles and common misconfigurations that might serve as entry points for attackers.