CVE-2020-0761: Active Directory Remote Code Execution Vulnerability

Overview

Severity

High (CVSS 8.8)

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Category

Remote Code Execution

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2020-Sep

Released

2020-09-08

EPSS Score

11.14% (percentile: 93.5%)

Description

A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account To exploit the vulnerability, an authenticated attacker could send malicious requests to an Active Directory integrated DNS (ADIDNS) server. The update addresses the vulnerability by correcting how Active Directory integrated DNS (ADIDNS) handles objects in memory.

Affected Products (17)

Other

• 11769
• 11571
• 11572
• 11715
• 11647
• 10816
• 10855
• 9312
• 10287
• 9318
• 9344
• 10051
• 10049
• 10378
• 10379
• 10483
• 10543

Security Updates (12)

• 4571756
• 4570333
• 4574727
• 4577015
• 4577064
• 4577070
• 4577051
• 4577053
• 4577038
• 4577048
• 4577066
• 4577071

Acknowledgments

Dirk-jan Mollema (<a href="https://twitter.com/_dirkjan">@_dirkjan</a>)

Revision History

• 2020-09-08: Information published.