Detections
Analytics
CVE-2020-1350
critical
Description
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'.
From the Tenable Blog
CVE-2020-1350: Wormable Remote Code Execution Vulnerability in Windows DNS Server Disclosed (SIGRed)
Published: 2020-07-14
Researchers disclose a 17-year-old wormable flaw in Windows DNS servers. Organizations are strongly encouraged to apply patches as soon as possible. Update July 17, 2020: The Proof of Concept and Solutions sections have been updated to reflect the availability of proof of concept scripts and the availability of an audit file for Tenable products.
References
https://www.tenable.com/blog/one-year-later-what-can-we-learn-from-zerologon
https://www.tenable.com/blog/microsoft-s-march-2021-patch-tuesday-addresses-82-cves-cve-2021-26411
https://www.tenable.com/cyber-exposure/2020-threat-landscape-retrospective
https://www.tenable.com/blog/microsoft-s-september-2020-patch-tuesday-addresses-129-cves
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350
http://packetstormsecurity.com/files/158484/SIGRed-Windows-DNS-Denial-Of-Service.html