Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
thnThe Hacker NewsTHN:FB6ED90DCAF6C4F1F46D1CBFF38FC1CA
HistoryDec 15, 2022 - 1:42 p.m.

Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'

2022-12-1513:42:00
The Hacker News
thehackernews.com
47

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

SPNEGO Extended Negotiation Security Vulnerability

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to โ€œCriticalโ€ after it emerged that it could be exploited to achieve remote code execution.

Tracked as CVE-2022-37958 (CVSS score: 8.1), the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism.

SPNEGO, short for Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO), is a scheme that allows a client and remote server to arrive at a consensus on the choice of the protocol to be used (e.g., Kerberos or NTLM) for authentication.

But a further analysis of the flaw by IBM Security X-Force researcher Valentina Palmiotti found that it could allow remote execution of arbitrary code, prompting Microsoft to reclassify its severity.

โ€œThis vulnerability is a pre-authentication remote code execution vulnerability impacting a wide range of protocols,โ€ IBM said this week. โ€œIt has the potential to be wormable.โ€

Specially, the shortcoming could enable remote code execution via any Windows application protocol that authenticates, including HTTP, SMB, and RDP. Given the criticality of the issue, IBM said itโ€™s withholding technical details until Q2 2023 to give organizations enough time to apply the fixes.

โ€œSuccessful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability,โ€ Microsoft cautioned in its updated advisory.

โ€œUnlike the vulnerability (CVE-2017-0144) exploited by EternalBlue and used in the WannaCry ransomware attacks, which only affected the SMB protocol, this vulnerability has a broader scope and could potentially affect a wider range of Windows systems due to a larger attack surface of services exposed to the public internet (HTTP, RDP, SMB) or on internal networks,โ€ IBM noted.

Found this article interesting? Follow us on Twitter ๏‚™ and LinkedIn to read more exclusive content we post.

Related

hivepro 1
schneier 1
prion 6
cve 6
mscve 2
avleonov 6
malwarebytes 1
trellix 2
saint 3
threatpost 4
zdt 7
thn 5
cisa_kev 1
packetstorm 6
symantec 1
checkpoint_advisories 1
trendmicroblog 3
kitploit 1
mmpc 4
ics 2
fireeye 2
rapid7blog 4
securelist 2
qualysblog 7
ibm 1
attackerkb 4
huawei 1
seebug 1
mskb 24
rapid7community 8
openvas 2
kaspersky 5
f5 1
nessus 11
mssecure 2
cisa 1
hivepro
hivepro
Microsoft Rolled Out SPNEGO NEGOEX Critical Vulnerability
2022-12-26 10:37:19
schneier
schneier
Critical Microsoft Code-Execution Vulnerability
2022-12-22 12:01:37
prion
prion
Remote code execution
2022-09-13 19:15:00
Remote code execution
2017-03-17 00:59:00
Remote code execution
2017-03-17 00:59:00
cve
cve
CVE-2022-37958
2022-09-13 19:15:00
CVE-2017-0143
2017-03-17 00:59:00
CVE-2017-0146
2017-03-17 00:59:00
mscve
mscve
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
2022-09-13 07:00:00
Windows SMB Remote Code Execution Vulnerability
2017-03-14 07:00:00
avleonov
avleonov
Downloading entire Vulners.com database in 5 minutes
2017-08-09 17:49:03
Petya the Great and why *they* donโ€™t patch vulnerabilities
2017-06-29 21:29:50
Is Vulnerability Management more about Vulnerabilities or Management?
2020-02-11 13:46:54
malwarebytes
malwarebytes
Threat spotlight: the curious case of Ryuk ransomware
2019-12-12 22:33:53
trellix
trellix
How Groove Gang is Shaking up the RAAS to Empower Affiliates
2021-09-08 00:00:00
How Groove Gang is Shaking up the RAAS to Empower Affiliates
2021-09-08 00:00:00
saint
saint
Windows SMB PsImpersonateClient null token vulnerability
2017-07-13 00:00:00
Windows SMB PsImpersonateClient null token vulnerability
2017-07-13 00:00:00
Windows SMB PsImpersonateClient null token vulnerability
2017-07-13 00:00:00
threatpost
threatpost
EternalBlue Exploit Used in Retefe Banking Trojan Campaign
2017-09-22 14:02:28
PyRoMine Uses NSA Exploit for Monero Mining and Backdoors
2018-04-26 18:21:13
InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership
2020-06-18 09:30:00
zdt
zdt
Microsoft Windows 7 / 2008 R2 (x64) - EternalBlue SMB Remote Code Execution (MS17-010) Exploit
2017-05-19 00:00:00
Microsoft Windows 8 / 2012 R2 (x64) - EternalBlue SMB Remote Code Execution (MS17-010) Exploit
2017-05-19 00:00:00
Microsoft Windows - Uncredentialed SMB RCE (MS17-010) Exploit
2017-04-17 00:00:00
thn
thn
Vulnerability Scanning Frequency Best Practices
2021-12-06 12:22:00
InvisiMole Hackers Target High-Profile Military and Diplomatic Entities
2020-06-18 09:30:00
Cryptocurrency Mining Malware Infected Over Half-Million PCs Using NSA Exploit
2018-01-31 23:05:00
cisa_kev
cisa_kev
Microsoft SMBv1 Remote Code Execution Vulnerability
2022-02-10 00:00:00
packetstorm
packetstorm
Microsoft Windows 7/2008 R2 x64 EternalBlue Remote Code Execution
2017-05-20 00:00:00
Microsoft Windows 8/2012 R2 x64 EternalBlue Remote Code Execution
2017-05-20 00:00:00
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
2017-05-17 00:00:00
symantec
symantec
Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability
2017-03-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows SMB Remote Code Execution (MS17-010: CVE-2017-0144)
2017-03-14 00:00:00
trendmicroblog
trendmicroblog
WannaCry & The Reality Of Patching
2017-05-15 00:46:55
TippingPoint Threat Intelligence and Zero-Day Coverage โ€“ Week of June 26, 2017
2017-06-30 12:00:57
TippingPoint Threat Intelligence and Zero-Day Coverage โ€“ Week of May 15, 2017
2017-05-19 12:00:15
kitploit
kitploit
Eternal - An internet scanner for Eternal Blue [exploit CVE-2017-0144]
2017-07-22 20:30:00
mmpc
mmpc
Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene
2017-09-06 14:58:36
New ransomware, old techniques: Petya adds worm capabilities
2017-06-28 06:57:43
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
2021-07-29 19:00:59
ics
ics
Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment
2023-12-15 12:00:00
Philips Intellispace Portal ISP Vulnerabilities
2018-02-27 12:00:00
fireeye
fireeye
CVE-2017-10271 Used to Deliver CryptoMiners: An Overview of Techniques Used Post-Exploitation and Pre-Mining
2018-02-15 16:30:00
CVE-2017-10271 Used to Deliver CryptoMiners: An Overview of Techniques Used Post-Exploitation and Pre-Mining
2018-02-15 11:30:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-03-05 17:20:43
Open-Source Security: Getting to the Root of the Problem
2022-01-19 18:02:43
Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict
2022-03-01 19:15:58
securelist
securelist
A mining multitool
2018-07-26 10:00:25
APT trends report Q2 2019
2019-08-01 10:00:05
qualysblog
qualysblog
Conti Ransomware
2021-11-18 17:17:56
Emotet Re-emerges with Help from TrickBot
2022-01-06 14:05:53
Qualys Threat Research Unit: Threat Thursdays, December 2022
2022-12-29 19:05:19
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Cloud Pak System
2019-10-24 21:43:28
attackerkb
attackerkb
CVE-2017-0148
2017-03-17 00:00:00
CVE-2017-0144 (MS17-010)
2017-03-17 00:00:00
CVE-2017-0143
2017-03-17 00:00:00
huawei
huawei
Security Advisory - 'WannaCry ransomware' Vulnerabilities in Microsoft Windows Systems
2017-05-13 00:00:00
seebug
seebug
ETERNALBLUE - Remote RCE via SMB & NBT (Windows XP to Windows 2012)
2017-04-15 00:00:00
mskb
mskb
MS17-010: Description of the security update for Windows SMB Server: March 14, 2017
2017-03-14 07:00:00
MS17-010: Security update for Windows SMB Server: March 14, 2017
2017-03-14 00:00:00
September 13, 2022โ€”KB5017327 (OS Build 10240.19444)
2022-09-13 07:00:00
rapid7community
rapid7community
Vulnerability Management Tips for the Shadow Brokers Leaked Exploits
2017-05-24 23:14:26
Petya-like ransomworm: Leveraging InsightVM and Nexpose for visibility into MS17-010
2017-08-03 16:56:04
Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose
2017-05-15 18:25:42
openvas
openvas
Microsoft Windows SMB Server Multiple Vulnerabilities-Remote (4013389)
2017-03-22 00:00:00
Microsoft Windows SMB Server Multiple Vulnerabilities (4013389)
2017-03-15 00:00:00
kaspersky
kaspersky
KLA10977 Multiple vulnerabilities in Microsoft Server Message Block (SMB)
2017-03-14 00:00:00
KLA19249 Multiple vulnerabilities in Microsoft Products (ESU)
2022-09-13 00:00:00
KLA19245 Multiple vulnerabilities in Microsoft Windows
2022-09-13 00:00:00
f5
f5
K57181937 : Multiple Microsoft SMB (Wannacry/Wannacrypt/Petya/Goldeneye) vulnerabilities
2017-05-16 00:00:00
nessus
nessus
MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya)
2017-03-15 00:00:00
MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check)
2017-03-20 00:00:00
KB5017377: Windows Server 2012 Security Update (September 2022)
2022-09-13 00:00:00
mssecure
mssecure
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
2021-07-29 19:00:59
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
2021-07-22 16:00:57
cisa
cisa
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
2022-02-10 00:00:00

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON
Related for THN:FB6ED90DCAF6C4F1F46D1CBFF38FC1CA
hivepro1schneier1prion6cve6mscve2avleonov6malwarebytes1trellix2saint3threatpost4zdt7thn5cisa_kev1packetstorm6symantec1checkpoint_advisories1trendmicroblog3kitploit1mmpc4ics2fireeye2rapid7blog4securelist2qualysblog7ibm1attackerkb4huawei1seebug1mskb24rapid7community8openvas2kaspersky5f51nessus11mssecure2cisa1