- Source: Zerologon
Zerologon (formally: CVE-2020-1472) is a critical vulnerability in Microsoft's authentication protocol Netlogon, as implemented in some versions of Microsoft Windows and Samba.
Severity
Zerologon has a score of 10 under the Common Vulnerability Scoring System. It allows attackers to access all valid usernames and passwords in each Microsoft network that they breached. This in turn allows them to access additional credentials necessary to assume the privileges of any legitimate user of the network, which in turn can let them compromise Microsoft 365 email accounts.
Unusually, Zerologon was the subject of an emergency directive from the United States Cybersecurity and Infrastructure Security Agency.
In 2020, Zerologon started to be used in global attacks against the automotive, engineering and pharmaceutical industry. Zerologon was also used to hack the Municipal wireless network of Austin, Texas.
See also
2020 United States federal government data breach
References
Kata Kunci Pencarian:
- Zerologon
- Samba (software)
- 2020 United States federal government data breach
- Block cipher mode of operation
- 2020 in science
- Pwnie Awards
- July–September 2020 in science
