Lucene search
K

47 matches found

GithubExploit
GithubExploit
added 2020/09/26 8:31 a.m.219 views

Exploit for CVE-2020-1472

Windows NetLogon privilege escalation vulnerability reoccurren...

10CVSS7AI score0.99512EPSS
Exploits75
CISA
CISA
added 2020/09/18 12:0 a.m.87 views

CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol

The Cybersecurity and Infrastructure Security Agency CISA has released Emergency Directive ED 20-04 addressing a critical vulnerability— CVE-2020-1472—affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network access to a domain controller could exploit this...

9.3CVSS1.2AI score0.99512EPSS
In wildExploits75References6
CERT
CERT
added 2020/09/16 12:0 a.m.1145 views

Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector

Overview The Microsoft Windows Netlogon Remote Protocol MS-NRPC reuses a known, static, zero-value initialization vector IV in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and potentially obtain domain administrator...

10CVSS8.6AI score0.99512EPSS
Exploits75References14
OSV
OSV
added 2019/11/12 7:15 p.m.2 views

CVE-2019-1424

A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel, aka 'NetLogon Security Feature Bypass Vulnerability'...

8.1CVSS5.8AI score0.02574EPSS
Exploits0References1
CVE
CVE
added 2019/11/12 6:53 p.m.102 views

CVE-2019-1424

CVE-2019-1424 is a Windows Netlogon security feature bypass vulnerability. Public data describe a vulnerability in how the Netlogon secure channel is handled, with a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) and a NETWORK attack vector, no user interaction required. No exp...

8.1CVSS8.6AI score0.02574EPSS
Exploits0References1Affected Software8
CNVD
CNVD
added 2016/06/16 12:0 a.m.24 views

Microsoft Windows Netlogon Memory Corruption Remote Code Execution Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A memory corruption remote code execution vulnerability exists in Microsoft Windows, which arises from a program's failure to properly handle objects in memory. A remote attacker is allowed to exploit t...

9CVSS8.2AI score0.13336EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/12/15 12:0 a.m.36 views

MS10-101: Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)

The remote Windows host contains a version of the NetLogon RPC service that is affected by a denial of service vulnerability. An attacker with administrative privileges on a machine that is joined to the same domain as the affected domain controller could cause a denial of service by sending a...

5.4CVSS5.6AI score0.30356EPSS
Exploits0References2
Rows per page
Query Builder