When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group.
Please refer to security bulletin BS-036, available on the Panorama CSIRT website: https://my.codra.net/en-gb/csirt.
Exploitability
AV:LAC:LAT:PPR:LUI:NVulnerable System
VC:HVI:NVA:NSubsequent System
SC:HSI:NSA:N3.3/CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U/U:AmberConfiguration