CVE-2020-1350

Description from NVD

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'.

Information Acquisition Date:2021-04-27T10:48Z

CVSS 2.0: 10.0 HIGH CVSS 3.x: 10.0 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchanged	Changed
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:C/I:C/A:C

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Partial	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350
source:MISC
tags:Patch Vendor Advisory

http://packetstormsecurity.com/files/158484/SIGRed-Windows-DNS-Denial-Of-Service.html
source:MISC
tags:Third Party Advisory VDB Entry

This vulnerability may involve a PoC.

Description from Forti

Microsoft: Windows DNS Server Remote Code Execution Vulnerability

This indicates an attack attempt to exploit an Integer Overflow Vulnerability in Microsoft DNS Server.The vulnerability is caused by an error when the DNS Server handles a series of specially crafted DNS requests. Successful exploitation could result in arbitrary code execution in the DNS Server.

Information Acquisition Date:2021/03/04

Affected Products

Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag: Windows(4 tweets)

List of frequently cited URLs

URL	Num of Times Referred to
http://vulmon.com/vulnerabilitydetails?qid=CVE	1505
https://reportcybercrime.com/	726
https://github	592
https://alerts.vulmon.com/l/n2	288
https://lists.astaro.com/ASGV9-IPS-rules.html	24
https://www.reddit.com/r/netsec	17
http://newsbythehour.org/cybr	15
https://www.slideshare.net/jorgeorchilles/sans-webcast-on-w...	9
https://medium.com/@datafarm.cybersecurity/exploiting-sigre...	8
http://canyoupwn.me	7
https://www.tenable.com/blog/cve-2020-1350-wormable-remote-...	7
https://blog.trendmicro.co.jp/archives/25567	6
https://ift.tt/2ZqaYow	5
https://twitter.com/search?src=sprv&q=CVE-2020-1350	5
https://www.sans.org/webcasts/about-windows-dns-vulnerabili...	5
https://blog.rapid7.com/2020/07/14/windows-dns-server-remot...	5
https://www.kaspersky.com/blog/cve-2020-1350-dns-rce/36366/	5
https://www.secure-sketch.com/blog/cve-2020-1350-sigred	5
https://blog.kaspersky.co.jp/cve-2020-1350-dns-rce/28829/	4
https://news.ycombinator.com/item?id=23847628	4
https://msrc-blog.microsoft.com/2020/07/14/july-2020-securi...	4
https://www.webhostingdiscussion.net/blog/cve-2020-1350-win...	4
http://ow.ly/PbIu50B3Ryb	3
https://bit.ly/32ooaw8	3
http://kas.pr/3baj	3
https://buff.ly/2CaF4n6	3
https://vrls.ws/posts/cve-2020-1350-windows-dns-server-vuln...	3
https://youtu.be/5Ykfk842DhU	3
https://go.shr.lc/2B5z52j	3
https://github.com/ZephrFish/CVE-2020-1350	3
https://blog.zsec.uk/cve-2020-1350-research/	3
https://isc.sans.edu/diary/26356	3
https://blog.vulcan.io/what-is-the-sigred-vulnerability-cve...	3
https://threatpost.com/critical-dns-bug-windows-servers-inf...	3
https://www.forbes.com/sites/daveywinder/2020/07/17/windows...	3
https://blog.0patch.com/2020/07/micropatch-available-for-si...	3
https://blog.qualys.com/vulnerabilities-research/2020/07/20...	3
https://www.youtube.com/watch?v=5Ykfk842DhU	3
https://blog.automox.com/critical-wormable-cve-2020-1350-vu...	3
https://blog.truesec.com/2020/07/15/sigred-cve-2020-1350-af...	3
https://doublepulsar.com/detecting-dns-cve-2020-1350-exploi...	3
https://secureinfra.blog/2020/07/15/kql-to-help-identify-sy...	3
http://tweetedtimes.com/LinuxSec?s=tnp	3
https://us-cert.cisa.gov/ncas/current-activity/2020/07/14/m...	3
https://www.askwoody.com/2020/faq-the-windows-dns-server-se...	3
https://www.kaspersky.de/blog/cve-2020-1350-dns-rce/24721/	3
https://thehackernews.com/2020/07/windows-dns-server-hackin...	3
https://www.cbronline.com/news/wormable-windows-server-vuln...	3
https://www.itmedia.co.jp/news/articles/2007/15/news069.html	3
https://www.hackplayers.com/2020/07/sigred-vulnerabilidad-c...	3
https://www.kaspersky.com.br/blog/cve-2020-1350-dns-rce/157...	3
https://www.securityweek.com/microsoft-patches-critical-wor...	3
https://support.microsoft.com/en-us/help/4569509/windows-dn...	3
https://www.graplsecurity.com/post/anatomy-of-an-exploit-rc...	3
https://packetstormsecurity.com/files/158484/CVE-2020-1350-...	3
https://research.checkpoint.com/2020/resolving-your-way-int...	3
https://www.freethreatintel.com	3
https://ipssignatures.appspot.com/?cve=CVE-2020-1350	3
https://portal.msrc.microsoft.com/en-us/security-guidance/a...	3
https://unit42.paloaltonetworks.com/cve-2020-1350/	3
https://datafarm-cybersecurity.medium.com/exploiting-sigred...	3

Information from Twitter

User	URL	Info Source	Date
WolfgangSesin	http://www.sesin.at	Source WolfgangSesin 1625287659177271298	2023/02/14
WolfgangSesin	https://www.sesin.at/2023/02/14/windows-dns-%e3%82%b5%e3%83...	Source WolfgangSesin 1625287659177271298	2023/02/14
www_sesin_at	http://www.sesin.at	Source www_sesin_at 1625287663287664642	2023/02/14
www_sesin_at	https://www.sesin.at/2023/02/14/windows-dns-%e3%82%b5%e3%83...	Source www_sesin_at 1625287663287664642	2023/02/14
WolfgangSesin	http://www.sesin.at	Source WolfgangSesin 1625287682623504385	2023/02/14
WolfgangSesin	https://www.sesin.at/2023/02/14/july-2020-security-update-c...	Source WolfgangSesin 1625287682623504385	2023/02/14
www_sesin_at	http://www.sesin.at	Source www_sesin_at 1625287687937597442	2023/02/14
www_sesin_at	https://www.sesin.at/2023/02/14/july-2020-security-update-c...	Source www_sesin_at 1625287687937597442	2023/02/14

List of frequently cited URLs

URL	Num of Times Referred to
vulmon.com	1505
reportcybercrime.com	726
github	592
alerts.vulmon.com	288
lists.astaro.com	24
www.reddit.com	17
newsbythehour.org	15
www.slideshare.net	9
medium.com	8
canyoupwn.me	7
www.tenable.com	7
blog.trendmicro.co.jp	6
ift.tt	5
twitter.com	5
www.sans.org	5
blog.rapid7.com	5
www.kaspersky.com	5
www.secure-sketch.com	5
blog.kaspersky.co.jp	4
news.ycombinator.com	4
msrc-blog.microsoft.com	4
www.webhostingdiscussion.net	4
ow.ly	3
bit.ly	3
kas.pr	3
buff.ly	3
vrls.ws	3
youtu.be	3
go.shr.lc	3
github.com	3
blog.zsec.uk	3
isc.sans.edu	3
blog.vulcan.io	3
threatpost.com	3
www.forbes.com	3
blog.0patch.com	3
blog.qualys.com	3
www.youtube.com	3
blog.automox.com	3
blog.truesec.com	3
doublepulsar.com	3
secureinfra.blog	3
tweetedtimes.com	3
us-cert.cisa.gov	3
www.askwoody.com	3
www.kaspersky.de	3
thehackernews.com	3
www.cbronline.com	3
www.itmedia.co.jp	3
www.hackplayers.com	3
www.kaspersky.com.br	3
www.securityweek.com	3
support.microsoft.com	3
www.graplsecurity.com	3
packetstormsecurity.com	3
research.checkpoint.com	3
www.freethreatintel.com	3
ipssignatures.appspot.com	3
portal.msrc.microsoft.com	3
unit42.paloaltonetworks.com	3
datafarm-cybersecurity.medium.com	3

Information from Twitter

User	URL	Info Source
WolfgangSesin	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet

GitHub Search Results: Up to 10

Name	URL
ZephrFish/CVE-2020-1350	https://github.com/ZephrFish/CVE-2020-1350
maxpl0it/CVE-2020-1350-DoS	https://github.com/maxpl0it/CVE-2020-1350-DoS
tinkersec/cve-2020-1350	https://github.com/tinkersec/cve-2020-1350
psc4re/NSE-scripts	https://github.com/psc4re/NSE-scripts
T13nn3s/CVE-2020-1350	https://github.com/T13nn3s/CVE-2020-1350
captainGeech42/CVE-2020-1350	https://github.com/captainGeech42/CVE-2020-1350
mr-r3b00t/CVE-2020-1350	https://github.com/mr-r3b00t/CVE-2020-1350
corelight/SIGRed	https://github.com/corelight/SIGRed
zoomerxsec/Fake_CVE-2020-1350	https://github.com/zoomerxsec/Fake_CVE-2020-1350
connormcgarr/CVE-2020-1350	https://github.com/connormcgarr/CVE-2020-1350

GitHub Search Results: Up to 10

Name	URL
ZephrFish/CVE-2020-1350	github.com
maxpl0it/CVE-2020-1350-DoS	github.com
tinkersec/cve-2020-1350	github.com
psc4re/NSE-scripts	github.com
T13nn3s/CVE-2020-1350	github.com
captainGeech42/CVE-2020-1350	github.com
mr-r3b00t/CVE-2020-1350	github.com
corelight/SIGRed	github.com
zoomerxsec/Fake_CVE-2020-1350	github.com
connormcgarr/CVE-2020-1350	github.com

2023/02/16 Score : 0
Added Har-sia Database : 2020/07/15
Last Modified : 2023/02/16
Highest Scored Date : 2020/07/15
Highest Score : 869