Active Directory Domain Services Elevation of Privilege Vulnerability. A system is vulnerable only if Active Directory Certificate Services is running on the domain. An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.