Proof-of-concept (PoC) exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies’ Active Directory domain controllers (DCs).

The vulnerability, dubbed “Zerologon,” is a privilege-escalation glitch (CVE-2020-1472) with a CVSS score of 10 out of 10, making it critical in severity. The flaw was addressed in Microsoft’s August 2020 security updates. However, this week at least four public PoC exploits for the flaw were released on Github, and on Friday, researchers with Secura (who discovered the flaw) published technical details of the vulnerability.

Read more…
Source: ThreatPost


 



Source link

Write a comment:
*

Your email address will not be published.