Security: Impersonate client after authentication user right must only be assigned to Administrators, Service, Local Service, Network Service

f2601ffb-34f6-40b5-9ef1-62be072a750b

Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities.

The "Impersonate a client after authentication" user right allows a program to impersonate another user or account to run on their behalf. An attacker could use this to elevate privileges.

Remediation

To fix this, configure the policy value for:
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ User Rights Assignment
|_ Impersonate a client after authentication to include only the following accounts or groups:
- Administrators
- Service
- Local Service
- Network Service
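The following PowerShell script is an added example for auditing this setting on a single host; it is not part of the STIG text or the EventSentry viewer. It exports the effective user-rights assignment with `secedit.exe` (which reflects what local policy or GPO has applied), parses the `SeImpersonatePrivilege` line (the internal name of "Impersonate a client after authentication"), and reports any principal other than the four well-known SIDs the finding permits. The file name, output format and exit code are choices of this example, not anything the check prescribes.

```powershell
# Added example (not from the STIG or EventSentry): audit the local
# "Impersonate a client after authentication" assignment against the
# four principals the finding allows. Run from an elevated prompt;
# secedit needs administrator rights to export the security database.

# Well-known SIDs of the permitted principals.
$Allowed = @{
    'S-1-5-32-544' = 'Administrators'
    'S-1-5-6'      = 'Service'
    'S-1-5-19'     = 'Local Service'
    'S-1-5-20'     = 'Network Service'
}

function Get-ImpersonatePrivilegeHolders {
    # Export only the user-rights area to a temporary .inf and read the one line of interest.
    $cfg = Join-Path $env:TEMP ("ur-{0}.inf" -f [guid]::NewGuid())
    try {
        $null = & secedit.exe /export /cfg $cfg /areas USER_RIGHTS
        if ($LASTEXITCODE -ne 0) { throw "secedit export failed with exit code $LASTEXITCODE" }

        $line = Get-Content -Path $cfg | Where-Object { $_ -match '^\s*SeImpersonatePrivilege\s*=' }
        if (-not $line) { return @() }   # right not assigned to anyone

        # Line format: SeImpersonatePrivilege = *S-1-5-32-544,*S-1-5-6,...
        # A leading * marks a SID; strip it so the values match the $Allowed keys.
        ($line -split '=', 2)[1].Split(',') |
            ForEach-Object { $_.Trim().TrimStart('*') } |
            Where-Object { $_ }
    }
    finally {
        Remove-Item -Path $cfg -ErrorAction SilentlyContinue
    }
}

function Resolve-SidOrName {
    param([string]$Value)
    # Translate a SID to a readable account name for the report; fall back to the raw value.
    if ($Value -match '^S-1-') {
        try {
            $sid = New-Object System.Security.Principal.SecurityIdentifier($Value)
            return $sid.Translate([System.Security.Principal.NTAccount]).Value
        }
        catch { return $Value }
    }
    return $Value
}

$holders    = @(Get-ImpersonatePrivilegeHolders)
$unexpected = @($holders | Where-Object { -not $Allowed.ContainsKey($_) })

foreach ($h in $holders) {
    $status = if ($Allowed.ContainsKey($h)) { 'allowed' } else { 'FINDING' }
    '{0,-8} {1} ({2})' -f $status, (Resolve-SidOrName $h), $h
}

if ($unexpected.Count -gt 0) {
    Write-Warning ("SeImpersonatePrivilege is also held by: " + ($unexpected -join ', '))
    exit 1
}
'Compliant: only Administrators, Service, Local Service and Network Service hold SeImpersonatePrivilege.'
```

Any principal reported as `FINDING` is what the check would flag. Because the export shows the effective assignment, a right pushed by a domain GPO appears here as well, so remediation has to be made in the GPO that wins (or in local policy on a standalone machine); editing the local setting under a conflicting GPO is undone at the next policy refresh.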

STIG: Server
2025: https://system32.eventsentry.com/stig/viewer/V-278253
2022: https://system32.eventsentry.com/stig/viewer/V-254503
2019: https://system32.eventsentry.com/stig/viewer/V-254503
2016: https://system32.eventsentry.com/stig/viewer/V-225082

Desktop
W11: https://system32.eventsentry.com/stig/viewer/V-254503
W10: https://system32.eventsentry.com/stig/viewer/V-220975

NIST 800-53: AC-3, AC-6, CM-6
NIST 800-171: 3.1.1, 3.1.2, 3.4.6
CMMC v2.0 L2: AC.L2-3.1.1, AC.L2-3.1.2, CM.L2-3.4.6
PCI-DSS v4.0: 2.2.1, 7.2.1
HIPAA SR: §164.312(a)(1)
HIPAA HICP: Practice 3 (Identity and Access Management)