On Microsoft Windows, the LsapGetClientInfo API in LSASRV will fallback and directly capture a caller’s impersonation token if it fails to impersonate, leading to elevation of privilege if the impersonation level is not checked.
On Microsoft Windows, the LsapGetClientInfo API in LSASRV will fallback and directly capture a caller’s impersonation token if it fails to impersonate, leading to elevation of privilege if the impersonation level is not checked.