Straight from the press: a Kerberos bypass vulnerability has been discovered. A weakness in the Windows implementation of the protocol allows an attacker to bypass the initial Kerberos granting service and create their own tickets, much like the golden ticket attack.
The difference from a golden ticket attack is that the attacker only needs credentials for a user in the domain in order to create whatever they like, i.e. Domain Admin privileges.
More info will follow. Here's the PoC video: https://youtu.be/iik25wqIuFo
CVE-2022-28032 (Pending review) CVSS: 10.0