silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,168
A critical vulnerability that’s been sitting in Microsoft’s Windows DNS Server for almost two decades could be exploited to gain Domain Administrator privileges and compromise the entire corporate infrastructure behind it.
The vulnerability received the tracking identifier CVE-2020-1350 and the name SigRed. It is a remote code execution that affects Windows Server versions 2003 through 2019 and received the maximum severity rating, 10 out of 10.
It is wormable, meaning that an exploit can propagate automatically to vulnerable machines on the network with no user interaction. This characteristic puts it in the same risk category as EternalBlue in Server Message Block (SMB) and BlueKeep in the Remote Desktop Protocol (RDP).