This article applies to BHCE and BHE


The target node may be a Certificate Template or an Enterprise Certification Authority.



Abuse Info

This relationship alone is not enough to perform a privilege escalation or impersonation primitive. This relationship may contribute to other relationships and attributes, from which an escalation opportunity may emerge.


Opsec Considerations

When an attacker abuses a privilege escalation or impersonation primitive that relies on this relationship, it will necessarily result in the issuance of a certificate. A copy of the issued certificate will be saved on the host that issued the certificate.



This edge is related to the following MITRE ATT&CK tactic and techniques:

  • https://attack.mitre.org/techniques/T1649/

Abuse and Opsec references