Show filters

Showing topic results for "CVE-2020-1350":

(1-1 of 1)

Sort by:
Attacker Value
Very High

CVE-2020-1350 Windows DNS Server Remote Code Execution (SigRed)

Disclosure Date: July 14, 2020 (last updated July 27, 2020)
A remote code execution vulnerability codenamed "SigRed" exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability. To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server. The update addresses the vulnerability by modifying how Windows DNS servers handle requests.