Windows DNS vulnerability – CVSS 10

On the second Tuesday in July, Microsoft released patches for 123 CVEs. But the most dangerous of all is the vulnerability CVE-2020-1350 in the Windows DNS Server versions 2003 to 2019. Vulnerability allows an unauthenticated user (attacker) to execute remote code on the target system.

It can be exploited by sending crafted DNS query to a Windows DNS server. Due to the fact that the DNS service works with SYSTEM rights (one of the highest rights in the system), then after successfully exploitation the vulnerability, an attacker can gain domain administrator rights. thereby compromising the organization’s corporate infrastructure.

Check Point research team confirms that the vulnerability is wormable. An attack organized in this way can spread autonomously, without additional intervention from the attacker.

SIGRed

Despite the fact that the use is not officially seen in the wild, Microsoft strongly recommends installing the latest security patches.

https://vulners.com/thn/THN:DBFCCEBE2752BA05D9181D55D3477666

One thought on “Windows DNS vulnerability – CVSS 10

Leave a Reply