CISA Issues Alert for Microsoft Netlogon Vulnerability

  /     /     /  
Publicated : 23/11/2024   Category : security


CISA Issues Alert for Microsoft Netlogon Vulnerability


CISA has issued an alert following the discovery of publicly available exploit code for Windows elevation of privilege flaw CVE-2020-1472.



The Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory warning there is publicly available exploit code for CVE-2020-1472, a critical elevation of privilege vulnerability in Microsofts Netlogon.
Zerologon, as Secura researchers
dubbed
the bug, has a CVSS score of 10.0. It exists when an attacker creates a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). Microsoft patched the vulnerability as part of its August Patch Tuesday rollout; its being addressed in a two-part rollout, the company reports.
Since then, researchers have noticed several proofs of concept published to GitHub, which demonstrates wide interest and experimentation across the security community, Tenable researchers
write
. In order to exploit this, an attacker would need to launch their attack from a machine on the same local area network as the victim. An unauthenticated attacker would need to use MS-NRPC to connect to a domain controller and gain domain administrator access.
An attacker who successfully exploits the vulnerability could run a specially crafted application on a device on the network, Microsoft
says
. In a hypothetical attack, someone could leverage this flaw to spread ransomware throughout a target environment and maintain a presence.
Businesses that apply the available update will fix the problem by enforcing Remote Procedure Call (RPC) in the Netlogon protocol for all Windows devices. Microsoft says users will be notified when the second phase of Windows updates becomes available in the first quarter of 2021. 
For more details, read the CISA
advisory
and Microsofts
article
on managing changes.

Last News

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
CISA Issues Alert for Microsoft Netlogon Vulnerability