2.9.1.3 Certificate Templates
[MS-WCCE] section 5.1.11 describes data consistency considerations for the certificate templates. Additionally, it is reasonable to restrict write access to a certificate template to the administrators. Certificate templates define a policy by which certificates are issued. Therefore, an attacker who can modify certificate templates could potentially obtain certificates that would otherwise have been unobtainable.