604 matches found
CVE-2025-33070 Windows Netlogon Elevation of Privilege Vulnerability
...
CVE-2025-33070 Windows Netlogon Elevation of Privilege Vulnerability
...
CVE-2025-33070
CVE-2025-33070 is reported in EU/NCSC context as affecting Windows Netlogon, caused by use of an uninitialized resource, enabling an unauthenticated attacker to obtain elevated privileges. The CVSS vector indicates network access is required with high impact on confidentiality, integrity, and ava...
Windows Netlogon Elevation of Privilege Vulnerability
Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network...
Microsoft Windows Netlogon 安全漏洞
Microsoft Windows Netlogon is an important component of Windows from Microsoft Corporation USA, whose main functions are authentication of users and machines on intra-domain networks and replication of databases for domain-controlled backups, as well as maintenance of domain member-to-domain,...
PT-2025-24855 · Microsoft · Windows Netlogon +1
Name of the Vulnerable Software and Affected Versions: Windows Netlogon affected versions not specified Description: The issue is related to the use of an uninitialized resource in Windows Netlogon, allowing an unauthorized attacker to elevate privileges over a network. Recommendations: At the...
CVE-2019-1384
A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows Security Feature Bypass Vulnerability'...
Alibaba Cloud Linux 3 : 0027: samba (ALINUX3-SA-2023:0027)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0027 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-38023: Netlogon RPC Elevation of Privilege...
Linux Distros Unpatched Vulnerability : CVE-2022-38023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netlogon RPC Elevation of Privilege Vulnerability CVE-2022-38023 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL...
Linux Distros Unpatched Vulnerability : CVE-2016-2111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote...
Linux Distros Unpatched Vulnerability : CVE-2015-0240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs ...
Linux Distros Unpatched Vulnerability : CVE-2020-1472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the...
Exploit for Improper Authentication in Microsoft
Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124...
The vulnerability of the Netlogon service in Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the Netlogon service in Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the categories of damage listed below. The most serious vulnerability has been assigned attribute CVE-2024-38124 and is located in the NETLOGON functionality...
CVE-2024-38124
Windows Netlogon Elevation of Privilege Vulnerability...
CVE-2024-38124
Windows Netlogon Elevation of Privilege Vulnerability...
CVE-2024-38124 Windows Netlogon Elevation of Privilege Vulnerability
...
CVE-2024-38124 Windows Netlogon Elevation of Privilege Vulnerability
...
CVE-2024-38124
CVE-2024-38124 is a Windows Netlogon Elevation of Privilege vulnerability. The provided exploitation context shows an attacker with network access on an AD domain can craft Netlogon messages to impersonate machines (including DCs), enabling privilege escalation and potential full AD compromise. A...