47 matches found
Exploit for CVE-2020-1472
Windows NetLogon privilege escalation vulnerability reoccurren...
CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol
The Cybersecurity and Infrastructure Security Agency CISA has released Emergency Directive ED 20-04 addressing a critical vulnerability— CVE-2020-1472—affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network access to a domain controller could exploit this...
Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector
Overview The Microsoft Windows Netlogon Remote Protocol MS-NRPC reuses a known, static, zero-value initialization vector IV in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and potentially obtain domain administrator...
CVE-2019-1424
A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel, aka 'NetLogon Security Feature Bypass Vulnerability'...
CVE-2019-1424
CVE-2019-1424 is a Windows Netlogon security feature bypass vulnerability. Public data describe a vulnerability in how the Netlogon secure channel is handled, with a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) and a NETWORK attack vector, no user interaction required. No exp...
Microsoft Windows Netlogon Memory Corruption Remote Code Execution Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A memory corruption remote code execution vulnerability exists in Microsoft Windows, which arises from a program's failure to properly handle objects in memory. A remote attacker is allowed to exploit t...
MS10-101: Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)
The remote Windows host contains a version of the NetLogon RPC service that is affected by a denial of service vulnerability. An attacker with administrative privileges on a machine that is joined to the same domain as the affected domain controller could cause a denial of service by sending a...