THREAT OPS › CVEs › CVE-2020-1472
CVE-2020-1472 — Microsoft Netlogon Privilege Escalation Vulnerability
Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller. An attacker who successfully exploits the vulnerability could run a specially crafted application on a device on the network. The vulnerability is also known under the moniker of Zerologon.
Vulnerability details
- Affected productsNetlogon
- KEV remediation due2022-05-03
Exploiting threat actors
- Earth LuscaG1006