Attacker Value
Unknown
CVE-2020-17049
CVE-2020-17049
(Last updated November 24, 2020) ▾
MITRE ATT&CK
Login with GitHub to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Add Assessment
3
Technical Analysis
Technical analysis and exploit of the vulnerability are now publicly available:
https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-overview/
https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-theory/
https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-attack/
2
Technical Analysis
Based on https://twitter.com/jakekarnes42/status/1329825159247642624
“The vulnerability impacts constrained delegation, which could be present in a single domain/forest. “
Note that the patch itself requires registry keys to be entered. Merely installing updates does not appear to protect the domain. There are issues introduced by this patch with Citrix and Federated Authentication service. (source https://twitter.com/mrgrayaz/status/1328517824633978912)
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.2 High
Impact Score:
5.9
Exploitability Score:
1.2
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
High
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
- Microsoft
Products
- Windows Server,
- Windows Server, version 1909 (Server Core installation),
- Windows Server, version 1903 (Server Core installation),
- Windows Server, version 2004 (Server Core installation),
- Windows Server, version 20H2 (Server Core Installation)
Exploited in the Wild
Reported: December 09, 2020 12:22am UTC (4 months ago)
