logo

CVE-2020-1472 - Microsoft Netlogon Privilege Escalation Vulnerability

CVE-2020-1472

Microsoft | Netlogon

  • Date Added:
  • 2021-11-03
  • Due Date:
  • 2020-09-21
Vulnerability Name

Microsoft Netlogon Privilege Escalation Vulnerability

Description

Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller. An attacker who successfully exploits the vulnerability could run a specially crafted application on a device on the network. The vulnerability is also known under the moniker of Zerologon.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes
Reference CISA's ED 20-04 (https://www.cisa.gov/news-events/directives/ed-20-04-mitigate-netlogon-elevation-privilege-vulnerability-august-2020-patch-tuesday) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 20-04. https://nvd.nist.gov/vuln/detail/CVE-2020-1472
Related News Articles

Free security scan for your website