Zerologon (CVE-2020-1472)

GPTKB entity

Statements (23)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:access false
gptkbp:affects gptkb:Windows_Server
Microsoft Netlogon Remote Protocol (MS-NRPC)
gptkbp:allows privilege escalation
domain controller compromise
gptkbp:CVSSv3_score 10.0
gptkbp:discoveredBy gptkb:Secura
gptkbp:discoveredIn 2020
gptkbp:exploitAvailability public exploit code available
gptkbp:exploits true
Zerologon exploit tool
gptkbp:hasCWE gptkb:CWE-287
https://www.w3.org/2000/01/rdf-schema#label Zerologon (CVE-2020-1472)
gptkbp:impact full domain takeover
gptkbp:patchedBy Microsoft security update (August 2020)
gptkbp:relatedTo gptkb:Active_Directory
gptkbp:vectorFor gptkb:network_protocol
gptkbp:vulnerableTo authentication bypass
cryptographic flaw
CVE-2020-1472
gptkbp:bfsParent gptkb:Netlogon_service
gptkbp:bfsLayer 7