Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2020-03524

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 14 июл. 2020
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: fstec
CVSS3: 7
CVSS2: 6
EPSS Низкий

ОписаниС

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ слуТбы Windows Network Connections Service ΠΎΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Ρ‹Ρ… систСм Windows связана с ошибками ΠΎΠ±Ρ€Π°Π±ΠΎΡ‚ΠΊΠΈ ΠΎΠ±ΡŠΠ΅ΠΊΡ‚ΠΎΠ² Π² памяти. Эксплуатация уязвимости ΠΌΠΎΠΆΠ΅Ρ‚ ΠΏΠΎΠ·Π²ΠΎΠ»ΠΈΡ‚ΡŒ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ ΠΏΠΎΠ²Ρ‹ΡΠΈΡ‚ΡŒ свои ΠΏΡ€ΠΈΠ²ΠΈΠ»Π΅Π³ΠΈΠΈ ΠΈ Π²Ρ‹ΠΏΠΎΠ»Π½ΠΈΡ‚ΡŒ ΠΏΡ€ΠΎΠΈΠ·Π²ΠΎΠ»ΡŒΠ½Ρ‹ΠΉ ΠΊΠΎΠ΄ с ΠΏΠΎΠΌΠΎΡ‰ΡŒΡŽ ΡΠΏΠ΅Ρ†ΠΈΠ°Π»ΡŒΠ½ΠΎ созданного прилоТСния

Π’Π΅Π½Π΄ΠΎΡ€

Microsoft Corp

НаимСнованиС ПО

Windows

ВСрсия ПО

Server 2008 R2 SP1 (Windows)
Server 2008 SP2 (Windows)
8.1 (Windows)
8.1 (Windows)
Server 2008 SP2 (Windows)
Server 2012 (Windows)
Server 2012 R2 (Windows)
10 (Windows)
10 (Windows)
10 1607 (Windows)
10 1607 (Windows)
Server 2016 (Windows)
7 SP1 (Windows)
8.1 RT (Windows)
Server 2008 SP2 Server Core installation (Windows)
Server 2008 SP2 Server Core installation (Windows)
Server 2012 R2 Server Core installation (Windows)
Server 2016 Server Core installation (Windows)
Server 2008 R2 SP1 Server Core installation (Windows)
Server 2012 Server Core installation (Windows)
10 1709 (Windows)
10 1709 (Windows)
10 1803 (Windows)
10 1803 (Windows)
10 1809 (Windows)
10 1809 (Windows)
Server 2019 (Windows)
Server 2019 Server Core installation (Windows)
10 1809 (Windows)
10 1709 (Windows)
10 1803 (Windows)
10 1903 (Windows)
10 1903 (Windows)
10 1903 (Windows)
Server 1903 Server Core Installation (Windows)
10 1909 (Windows)
10 1909 (Windows)
10 1909 (Windows)
Server 1909 Server Core Installation (Windows)
10 2004 (Windows)
10 2004 (Windows)
10 2004 (Windows)
Server 2004 Server Core Installation (Windows)

Вип ПО

ΠžΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Π°Ρ систСма

ΠžΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Ρ‹Π΅ систСмы ΠΈ Π°ΠΏΠΏΠ°Ρ€Π°Ρ‚Π½Ρ‹Π΅ ΠΏΠ»Π°Ρ‚Ρ„ΠΎΡ€ΠΌΡ‹

Microsoft Corp Windows Server 2008 R2 SP1
Microsoft Corp Windows Server 2008 SP2
Microsoft Corp Windows 8.1
Microsoft Corp Windows 8.1
Microsoft Corp Windows Server 2008 SP2
Microsoft Corp Windows Server 2012
Microsoft Corp Windows Server 2012 R2
Microsoft Corp Windows 10
Microsoft Corp Windows 10
Microsoft Corp Windows 10 1607
Microsoft Corp Windows 10 1607
Microsoft Corp Windows Server 2016
Microsoft Corp Windows 7 SP1
Microsoft Corp Windows 8.1 RT
Microsoft Corp Windows Server 2008 SP2 Server Core installation
Microsoft Corp Windows Server 2008 SP2 Server Core installation
Microsoft Corp Windows Server 2012 R2 Server Core installation
Microsoft Corp Windows Server 2016 Server Core installation
Microsoft Corp Windows Server 2008 R2 SP1 Server Core installation
Microsoft Corp Windows Server 2012 Server Core installation
Microsoft Corp Windows 10 1709
Microsoft Corp Windows 10 1709
Microsoft Corp Windows 10 1803
Microsoft Corp Windows 10 1803
Microsoft Corp Windows 10 1809
Microsoft Corp Windows 10 1809
Microsoft Corp Windows Server 2019
Microsoft Corp Windows Server 2019 Server Core installation
Microsoft Corp Windows 10 1809
Microsoft Corp Windows 10 1709
Microsoft Corp Windows 10 1803
Microsoft Corp Windows 10 1903
Microsoft Corp Windows 10 1903
Microsoft Corp Windows 10 1903
Microsoft Corp Windows Server 1903 Server Core Installation
Microsoft Corp Windows 10 1909
Microsoft Corp Windows 10 1909
Microsoft Corp Windows 10 1909
Microsoft Corp Windows Server 1909 Server Core Installation
Microsoft Corp Windows 10 2004
Microsoft Corp Windows 10 2004
Microsoft Corp Windows 10 2004
Microsoft Corp Windows Server 2004 Server Core Installation

Π£Ρ€ΠΎΠ²Π΅Π½ΡŒ опасности уязвимости

Π‘Ρ€Π΅Π΄Π½ΠΈΠΉ ΡƒΡ€ΠΎΠ²Π΅Π½ΡŒ опасности (базовая ΠΎΡ†Π΅Π½ΠΊΠ° CVSS 2.0 составляСт 6)
Высокий ΡƒΡ€ΠΎΠ²Π΅Π½ΡŒ опасности (базовая ΠΎΡ†Π΅Π½ΠΊΠ° CVSS 3.0 составляСт 7)

Π’ΠΎΠ·ΠΌΠΎΠΆΠ½Ρ‹Π΅ ΠΌΠ΅Ρ€Ρ‹ ΠΏΠΎ ΡƒΡΡ‚Ρ€Π°Π½Π΅Π½ΠΈΡŽ уязвимости

ИспользованиС Ρ€Π΅ΠΊΠΎΠΌΠ΅Π½Π΄Π°Ρ†ΠΈΠΉ:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1427

Бтатус уязвимости

ΠŸΠΎΠ΄Ρ‚Π²Π΅Ρ€ΠΆΠ΄Π΅Π½Π° ΠΏΡ€ΠΎΠΈΠ·Π²ΠΎΠ΄ΠΈΡ‚Π΅Π»Π΅ΠΌ

НаличиС эксплойта

Π”Π°Π½Π½Ρ‹Π΅ ΡƒΡ‚ΠΎΡ‡Π½ΡΡŽΡ‚ΡΡ

Π˜Π½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΡ ΠΎΠ± устранСнии

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ устранСна

Бсылки Π½Π° источники

Π˜Π΄Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ‚ΠΎΡ€Ρ‹ Π΄Ρ€ΡƒΠ³ΠΈΡ… систСм описаний уязвимостСй

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 66%
0.00513
Низкий

7 High

CVSS3

6 Medium

CVSS2

БвязанныС уязвимости

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-1427

CVSS3: 7.8
nvd
ΠΎΠΊΠΎΠ»ΠΎ 5 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1428, CVE-2020-1438.

msrc Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-1427

CVSS3: 7
msrc
ΠΎΠΊΠΎΠ»ΠΎ 5 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Windows Network Connections Service Elevation of Privilege Vulnerability

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-7fxc-wh73-vhv8

github
ΠΎΠΊΠΎΠ»ΠΎ 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1428, CVE-2020-1438.

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 66%
0.00513
Низкий

7 High

CVSS3

6 Medium

CVSS2

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ BDU:2020-03524