Huzaifa S. Sidhpurwala

2020-09-17 06:15:19 UTC

The CERT advisory describes this issue as:

The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and potentially obtain domain administrator privileges.

Source link

Write a comment:

Your email address will not be published.