On June 29, 2021, a zero-day exploit was observed on Microsoft Windows systems which allows authenticated users with a regular Domain User account to gain full SYSTEM-level privileges. On July 1, 2021, Microsoft released a separate advisory linking this zero-day to CVE-2021-34527 as a confirmed Remote Code Execution (RCE) vulnerability. According to the new advisory, the PoC is publicly disclosed and actively exploited in the wild.
https://blog.qualys.com/vulnerabilities ... nvironment.