cve/CVE-2020-1013.md at eda58812c5773678e9432b65209fee245db925e7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.

To exploit this vulnerability, an attacker would need to launch a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target machine. An attacker could then create a group policy to grant administrator rights to a standard user.

The security update addresses the vulnerability by enforcing Kerberos authentication for certain calls over LDAP.

POC

Reference

No PoCs from references.

Github

https://github.com/404notf0und/CVE-Flow
https://github.com/ARPSyndicate/cvemon
https://github.com/BC-SECURITY/Moriarty
https://github.com/GoSecure/WSuspicious
https://github.com/GoSecure/pywsus
https://github.com/alphaSeclab/sec-daily-2020

5.0 KiB Raw Blame History

CVE-2020-1013

Description

POC

Reference

Github

5.0 KiB

Raw Blame History