Windows Kerberos Bronze Bit attack gets public exploit, patch now


Level 37
Feb 4, 2016
Proof-of-concept exploit code and full details on a Windows Kerberos security bypass vulnerability have been published earlier this week by Jake Karnes, the NetSPI security consultant and penetration tester who reported the security bug to Microsoft.

The security bug tracked as CVE-2020-17049 and patched by Microsoft during November 2020's Patch Tuesday can be exploited in what the researcher has named as Kerberos Bronze Bit attacks.

Karnes provides a high-level summary of the vulnerability and details on how attackers can exploit it to compromised vulnerable Windows systems.

He has also published a low-level overview of the security bug with additional information on the Kerberos protocol, as well as practical exploit scenarios and details about how to implement and use Kerberos Bronze Bit attacks.

The release of the proof-of-concept exploit code by Karnes on Tuesday was prompted by Microsoft publishing the security updates needed to fully mitigate CVE-2020-17049 on vulnerable servers.