March 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – ICS: Advantech iView
July 15, 2020Rewterz Threat Advisory – CVE-2020-1410 – Windows Address Book Remote Code Execution Vulnerability
July 15, 2020Rewterz Threat Advisory – ICS: Advantech iView
July 15, 2020Rewterz Threat Advisory – CVE-2020-1410 – Windows Address Book Remote Code Execution Vulnerability
July 15, 2020
Severity
High
Analysis Summary
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability.
To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server.
Impact
Run arbitrary code
Affected Vendors
Microsoft
Remediation
Refer to Microsoft advisory for the complete list of affected products and respective patches.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350