CVE-2020-1472 - Microsoft Netlogon Privilege Escalation Vulnerability

CVE-2020-1472: Microsoft | Netlogon

Date Added:
2021-11-03

Due Date:
2020-09-21

Vulnerability Name: Microsoft Netlogon Privilege Escalation Vulnerability

Description: Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller. An attacker who successfully exploits the vulnerability could run a specially crafted application on a device on the network. The vulnerability is also known under the moniker of Zerologon.

Known To Be Used in Ransomware Campaigns?: Known

Action: Apply updates per vendor instructions.

Additional Notes: Reference CISA's ED 20-04 (https://www.cisa.gov/news-events/directives/ed-20-04-mitigate-netlogon-elevation-privilege-vulnerability-august-2020-patch-tuesday) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 20-04. https://nvd.nist.gov/vuln/detail/CVE-2020-1472

Related News Articles

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long CampaignOctober 18, 2024

Iranian hackers act as brokers selling critical infrastructure accessOctober 17, 2024

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHubSeptember 10, 2024

NoName ransomware gang deploying RansomHub malware in recent attacksSeptember 10, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard