Vulnerability identifier: #VU45628
Vulnerability risk: High
Exploitation vector: Network
The vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Netlogon. A remote non-authenticated attacker can use MS-NRPC to connect to a domain controller to obtain domain administrator access. This vulnerability was dubbed ZeroLogon.
Install updates from vendor's website.
Vulnerable software versions
Windows Server: 2008 R2 - 2019 2004
Fixed software versions
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?