Rewterz Threat Advisory – CVE-2020-1350 – Windows DNS Server Remote Code Execution Vulnerability

July 15, 2020

Severity

High

Analysis Summary

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability.

To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server.

Impact

Run arbitrary code

Affected Vendors

Microsoft

Remediation

Refer to Microsoft advisory for the complete list of affected products and respective patches.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

ClickFix Scheme Used by Russian Hackers to Deploy Espionage Malware – Active IOCs

Cyber Threat Alert: Immediate Action Required on Existing APT Threat Indicators – Active IOCs

Tinba aka TinyBanker Trojan – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – ICS: Advantech iView

Rewterz Threat Advisory – CVE-2020-1410 – Windows Address Book Remote Code Execution Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.