[GTER] CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability

Lucimara Desiderá lucimara at cert.br
Wed Jul 15 08:18:57 -03 2020

Vulnerabilidade crítica no DNS Microsoft requer update imediato.

"SIGRed (CVE-2020-1350) is a wormable, critical vulnerability (CVSS base
score of 10.0) in the Windows DNS server that affects Windows Server
versions 2003 to 2019, and can be triggered by a malicious DNS response.
As the service is running in elevated privileges (SYSTEM), if exploited
successfully, an attacker is granted Domain Administrator rights,
effectively compromising the entire corporate infrastructure."

Detalhes sobre a vulnerabilidade em:

Detalhes sobre updates/workarounds em:


Lucimara Desiderá

More information about the gter mailing list