Educause Security Discussion mailing list archives
CVE-2020-1472 Unauthenticated full AD domain takeover
From: Alex Keller <axkeller () STANFORD EDU>
Date: Tue, 15 Sep 2020 06:54:41 +0000
Hello EDUCAUSE Security Folks, Windows Active Directory Domain Controllers unpatched for CVE-2020-1472 are at grave risk. Highest possible CVSS score of 10.0, this is an unauthenticated Active Directory domain takeover with exploit code circulating publicly. https://www.secura.com/blog/zero-logon https://us-cert.cisa.gov/ncas/current-activity/2020/09/14/exploit-netlogon-remote-protocol-vulnerability-cve-2020-1472 Microsoft is creatively calling this a “Netlogon Elevation of Privilege Vulnerability”, which is misleading as it allows for full AD compromise with no authentication nor privileges. Best, Alex Alex Keller Stanford | Engineering Information Technology axkeller () stanford edu<mailto:axkeller () stanford edu> (650)736-6421<tel:(650)736-6421> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- CVE-2020-1472 Unauthenticated full AD domain takeover Alex Keller (Sep 14)