Misplaced Pages

SIGRed

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
This article is an orphan, as no other articles link to it. Please introduce links to this page from related articles; try the Find link tool for suggestions. (March 2022)

SIGRed (CVE-2020-1350) is a security vulnerability discovered in Microsoft's Domain Name System (DNS) implementation of Windows Server versions from 2003 to 2019.

To exploit the vulnerability, an unauthenticated attacker sends malicious requests to a Windows DNS server. If exploited, the vulnerability could allow an attacker to run arbitrary code on a Domain Controller in the context of the Local System Account.

In Microsoft's advisory of the issue, the vulnerability was classified 'wormable' and was given a CVSS base score of 10.0.

It has been the subject of a Department of Homeland Security emergency directive, instructing all government agencies to deploy patches or mitigations for it in 24 hours.

The vulnerability was discovered by Check Point Software Technologies and publicly disclosed on July 14, 2020.

References

  1. ^ "SIGRed - Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers". Check Point Research. July 14, 2020.
  2. "Emergency Directive 20-03: Mitigate Windows DNS Server Remote Code Execution Vulnerability from July 2020 Patch" (PDF). U.S. Department of Homeland Security. 2020-07-16. Archived from the original (PDF) on 2020-07-16.
  3. "July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server". Microsoft Security Response Center. Retrieved 2020-07-27.
  4. "cyber.dhs.gov - Emergency Directive 20-03". cyber.dhs.gov. 16 July 2020.
Category: