Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector
Overview The Microsoft Windows Netlogon Remote Protocol MS-NRPC reuses a known, static, zero-value initialization vector IV in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and potentially obtain domain administrator...