The hack I will discuss isnt new. I learned it from someone else about 15 years ago. When I show this hack, it still seems to surprise everyone, especially smartcard administrators. In this particular hack demo, the attacker is a low-privileged valid user (named HelpDesk) The target of the identity theft attack is a highly privileged user. The only elevated privilege HelpDesk has beyond a regular user is the ability to change a users Active Directory user principal name (UPN)”]
Source: https://www.csoonline.com/article/3353519/how-to-hack-a-smartcard-to-gain-privileged-access.html