SIGRed

SIGRed^[1] (CVE-2020-1350) is a security vulnerability discovered in Microsoft's Domain Name System (DNS) implementation of Windows Server versions from 2003 to 2019.

To exploit the vulnerability, an unauthenticated attacker sends malicious requests to a Windows DNS server.^[2] If exploited, the vulnerability could allow an attacker to run arbitrary code on a Domain Controller in the context of the Local System Account.

In Microsoft's advisory of the issue, the vulnerability was classified 'wormable' and was given a CVSS base score of 10.0.^[3]

It has been the subject of a Department of Homeland Security emergency directive, instructing all government agencies to deploy patches or mitigations for it in 24 hours.^[4]

The vulnerability was discovered by Check Point Software Technologies and publicly disclosed on July 14, 2020.^[1]

References

0.00

(0 votes)

Original source: https://en.wikipedia.org/wiki/SIGRed. Read more

[:0-1] 1.0 ^1.1 "SIGRed - Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers". July 14, 2020. https://research.checkpoint.com/2020/resolving-your-way-into-domain-admin-exploiting-a-17-year-old-bug-in-windows-dns-servers/.

[2] ttps://cyber.dhs.gov/assets/report/ed-20-03.pdf^{[bare URL PDF]}

[3] "July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server" (in en-US). https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/.

[4] "cyber.dhs.gov - Emergency Directive 20-03". 16 July 2020. https://cyber.dhs.gov/ed/20-03/.

[1]

[2]

[3]

[4]

Anonymous

Search

SIGRed

Namespaces

More

Page actions

References

Navigation

Navigation

Help

Translate

Wiki tools

Wiki tools

Anonymous

Search

SIGRed

References

Navigation

Wiki tools

Page tools

Other projects

Categories