CVE-2020-1472
Detail
Description
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.
Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.
For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).
When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
Metrics
β
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
CVSS 4.0 Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 3.x Severity and Vector Strings:
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CNA: Microsoft Corporation
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS 2.0 Severity and Vector Strings:
Vector:
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to [email protected].
| URL |
Source(s) |
Tag(s) |
|
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html
|
CVE, Microsoft Corporation |
Mailing List
Third Party Advisory
|
|
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html
|
CVE, Microsoft Corporation |
Mailing List
Third Party Advisory
|
|
http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html
|
CVE, Microsoft Corporation |
Third Party Advisory
VDB Entry
|
|
http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html
|
CVE, Microsoft Corporation |
Exploit
Third Party Advisory
VDB Entry
|
|
http://www.openwall.com/lists/oss-security/2020/09/17/2
|
CVE, Microsoft Corporation |
Mailing List
Third Party Advisory
|
|
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html
|
CVE, Microsoft Corporation |
Mailing List
Third Party Advisory
|
|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/
|
CVE, Microsoft Corporation |
Mailing List
Third Party Advisory
|
|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/
|
CVE, Microsoft Corporation |
Mailing List
Third Party Advisory
|
|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/
|
CVE, Microsoft Corporation |
Mailing List
Third Party Advisory
|
|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
|
CVE, Microsoft Corporation |
Patch
Vendor Advisory
|
|
https://security.gentoo.org/glsa/202012-24
|
CVE, Microsoft Corporation |
Third Party Advisory
|
|
https://usn.ubuntu.com/4510-1/
|
CVE, Microsoft Corporation |
Third Party Advisory
|
|
https://usn.ubuntu.com/4510-2/
|
CVE, Microsoft Corporation |
Third Party Advisory
|
|
https://usn.ubuntu.com/4559-1/
|
CVE, Microsoft Corporation |
Third Party Advisory
|
|
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1472
|
CISA-ADP |
US Government Resource
|
|
https://www.kb.cert.org/vuls/id/490028
|
CVE, Microsoft Corporation |
Third Party Advisory
US Government Resource
|
|
https://www.oracle.com/security-alerts/cpuApr2021.html
|
CVE, Microsoft Corporation |
Patch
Third Party Advisory
|
|
https://www.synology.com/security/advisory/Synology_SA_20_21
|
CVE, Microsoft Corporation |
Third Party Advisory
|
This CVE is in CISA's Known Exploited Vulnerabilities Catalog
Reference
CISA's BOD 22-01 and Known
Exploited Vulnerabilities Catalog for further guidance and requirements.
| Vulnerability Name |
Date Added |
Due Date |
Required Action |
| Microsoft Netlogon Privilege Escalation Vulnerability |
11/03/2021 |
05/03/2022 |
Apply updates per vendor instructions. |
Change History
37 change records found show changes
CVE Modified by CISA-ADP
6/16/2026 11:01:29 PM
| Action |
Type |
Old Value |
New Value |
| Added |
SSVC |
{"timestamp":"2024-01-30T18:45:11.261978Z","id":"CVE-2020-1472","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}
|
CVE Modified by Microsoft Corporation
6/16/2026 11:01:29 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Affected |
Record truncated, showing 2048 of 3896 characters.
View Entire Change Record
[{"vendor":"Microsoft","product":"Windows Server version 2004","cpes":["cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"],"platforms":["x64-based Systems"],"versions":[{"version":"10.0.0","lessThan":"publication","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","cpes":["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"],"platforms":["x64-based Systems"],"versions":[{"version":"10.0.0","lessThan":"publication","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","cpes":["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"],"platforms":["x64-based Systems"],"versions":[{"version":"10.0.0","lessThan":"publication","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server, version 1909 (Server Core installation)","cpes":["cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"],"platforms":["x64-based Systems"],"versions":[{"version":"10.0.0","lessThan":"publication","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server, version 1903 (Server Core installation)","cpes":["cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"],"platforms":["x64-based Systems"],"versions":[{"version":"10.0.0","lessThan":"publication","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","cpes":["cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"],"platforms":["x64-based Systems"],"versions":[{"version":"10.0.0","lessThan":"publication","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","cpes":["cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"],"platforms":["x64-based Systems"],"versions":[{"version":"10.0.0","lessThan":"publication","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2008 R2 Service Pack 1","cpes":["cpe:2.3:o:microsoft:window
|
Modified Analysis by NIST
2/23/2026 3:30:36 PM
| Action |
Type |
Old Value |
New Value |
CVE Modified by Microsoft Corporation
2/23/2026 1:25:11 PM
| Action |
Type |
Old Value |
New Value |
| Changed |
Description |
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.
Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.
For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).
When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
|
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.
Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.
For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).
When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
|
CVE CISA KEV Update by Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
12/17/2025 9:00:02 PM
| Action |
Type |
Old Value |
New Value |
| Changed |
Due Date |
2020-09-21
|
2022-05-03
|
Modified Analysis by NIST
10/29/2025 9:54:15 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference Type |
CISA-ADP: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1472 Types: US Government Resource
|
CVE Modified by CISA-ADP
10/21/2025 8:17:02 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1472
|
CVE Modified by CISA-ADP
10/21/2025 4:17:53 PM
| Action |
Type |
Old Value |
New Value |
| Removed |
Reference |
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1472
|
CVE Modified by CISA-ADP
10/21/2025 3:18:26 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1472
|
Modified Analysis by NIST
3/07/2025 10:52:30 AM
| Action |
Type |
Old Value |
New Value |
| Added |
CWE |
NVD-CWE-noinfo
|
| Removed |
CWE |
CWE-330
|
CVE Modified by CVE
11/21/2024 12:10:37 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html
|
| Added |
Reference |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html
|
| Added |
Reference |
http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html
|
| Added |
Reference |
http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html
|
| Added |
Reference |
http://www.openwall.com/lists/oss-security/2020/09/17/2
|
| Added |
Reference |
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html
|
| Added |
Reference |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/
|
| Added |
Reference |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/
|
| Added |
Reference |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/
|
| Added |
Reference |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
|
| Added |
Reference |
https://security.gentoo.org/glsa/202012-24
|
| Added |
Reference |
https://usn.ubuntu.com/4510-1/
|
| Added |
Reference |
https://usn.ubuntu.com/4510-2/
|
| Added |
Reference |
https://usn.ubuntu.com/4559-1/
|
| Added |
Reference |
https://www.kb.cert.org/vuls/id/490028
|
| Added |
Reference |
https://www.oracle.com/security-alerts/cpuApr2021.html
|
| Added |
Reference |
https://www.synology.com/security/advisory/Synology_SA_20_21
|
CVE Modified by Microsoft Corporation
5/28/2024 5:15:22 PM
| Action |
Type |
Old Value |
New Value |
Modified Analysis by NIST
5/23/2024 1:56:29 PM
| Action |
Type |
Old Value |
New Value |
| Changed |
CPE Configuration |
OR
*cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
*cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
|
OR
*cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2004:-:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
*cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_20h2:-:*:*:*:*:*:*:*
|
| Changed |
Reference Type |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ No Types Assigned
|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ No Types Assigned
|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ No Types Assigned
|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ Mailing List, Third Party Advisory
|
CVE Modified by Microsoft Corporation
5/14/2024 2:40:08 AM
| Action |
Type |
Old Value |
New Value |
CVE Modified by Microsoft Corporation
1/18/2024 7:15:11 PM
| Action |
Type |
Old Value |
New Value |
| Changed |
Description |
<p>An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (<a href="https://docs.microsoft.com/openspecs/windows_protocols/ms-nrpc/ff8f970f-3e37-40f7-bd4b-af7336e4792f">MS-NRPC</a>). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.</p>
<p>To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.</p>
<p>Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.</p>
<p>For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see <a href="https://support.microsoft.com/kb/4557222">How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472</a> (updated September 28, 2020).</p>
<p>When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See <a href="https://technet.microsoft.com/en-us/security/dd252948">Microsoft Technical Security Notifications</a>.</p>
|
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.
To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.
Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.
For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).
When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
|
CVE Modified by Microsoft Corporation
1/03/2024 9:15:12 PM
| Action |
Type |
Old Value |
New Value |
| Changed |
Description |
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
|
<p>An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (<a href="https://docs.microsoft.com/openspecs/windows_protocols/ms-nrpc/ff8f970f-3e37-40f7-bd4b-af7336e4792f">MS-NRPC</a>). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.</p>
<p>To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.</p>
<p>Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.</p>
<p>For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see <a href="https://support.microsoft.com/kb/4557222">How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472</a> (updated September 28, 2020).</p>
<p>When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See <a href="https://technet.microsoft.com/en-us/security/dd252948">Microsoft Technical Security Notifications</a>.</p>
|
| Added |
CVSS V3.1 |
Microsoft Corporation AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CVE Modified by Microsoft Corporation
11/06/2023 10:19:23 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
Microsoft Corporation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ [No types assigned]
|
| Added |
Reference |
Microsoft Corporation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ [No types assigned]
|
| Added |
Reference |
Microsoft Corporation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ [No types assigned]
|
| Removed |
Reference |
Microsoft Corporation https://lists.fedoraproject.org/archives/list/[email protected]/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/
|
| Removed |
Reference |
Microsoft Corporation https://lists.fedoraproject.org/archives/list/[email protected]/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/
|
| Removed |
Reference |
Microsoft Corporation https://lists.fedoraproject.org/archives/list/[email protected]/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/
|
Modified Analysis by NIST
4/26/2022 1:06:38 PM
| Action |
Type |
Old Value |
New Value |
| Changed |
CPE Configuration |
OR
*cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
|
OR
*cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
|
| Changed |
CPE Configuration |
OR
*cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
*cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
|
OR
*cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
*cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
*cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
OR
*cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
OR
*cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
|
| Changed |
Reference Type |
http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html No Types Assigned
|
http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html Exploit, Third Party Advisory, VDB Entry
|
| Changed |
Reference Type |
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html No Types Assigned
|
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
https://lists.fedoraproject.org/archives/list/[email protected]/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ Third Party Advisory
|
https://lists.fedoraproject.org/archives/list/[email protected]/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
https://lists.fedoraproject.org/archives/list/[email protected]/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ No Types Assigned
|
https://lists.fedoraproject.org/archives/list/[email protected]/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
https://lists.fedoraproject.org/archives/list/[email protected]/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ Third Party Advisory
|
https://lists.fedoraproject.org/archives/list/[email protected]/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
https://security.gentoo.org/glsa/202012-24 No Types Assigned
|
https://security.gentoo.org/glsa/202012-24 Third Party Advisory
|
| Changed |
Reference Type |
https://usn.ubuntu.com/4559-1/ No Types Assigned
|
https://usn.ubuntu.com/4559-1/ Third Party Advisory
|
| Changed |
Reference Type |
https://www.oracle.com/security-alerts/cpuApr2021.html No Types Assigned
|
https://www.oracle.com/security-alerts/cpuApr2021.html Patch, Third Party Advisory
|
CWE Remap by NIST
7/21/2021 7:39:23 AM
| Action |
Type |
Old Value |
New Value |
| Changed |
CWE |
CWE-269
|
CWE-330
|
CVE Modified by Microsoft Corporation
6/14/2021 2:15:23 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://www.oracle.com/security-alerts/cpuApr2021.html [No Types Assigned]
|
CVE Modified by Microsoft Corporation
12/24/2020 11:15:14 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://security.gentoo.org/glsa/202012-24 [No Types Assigned]
|
CVE Modified by Microsoft Corporation
11/23/2020 12:15:12 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html [No Types Assigned]
|
CVE Modified by Microsoft Corporation
11/18/2020 6:15:12 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html [No Types Assigned]
|
CVE Modified by Microsoft Corporation
10/05/2020 6:15:16 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://usn.ubuntu.com/4559-1/ [No Types Assigned]
|
CVE Modified by Microsoft Corporation
10/03/2020 11:15:12 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://lists.fedoraproject.org/archives/list/[email protected]/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ [No Types Assigned]
|
Modified Analysis by NIST
9/28/2020 9:48:05 AM
| Action |
Type |
Old Value |
New Value |
| Added |
CPE Configuration |
OR
*cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* versions up to (excluding) 4.10.18
*cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* versions from (including) 4.11.0 up to (excluding) 4.11.13
*cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* versions from (including) 4.12.0 up to (excluding) 4.12.7
|
| Added |
CPE Configuration |
OR
*cpe:2.3:a:synology:directory_server:*:*:*:*:*:*:*:* versions up to (excluding) 4.4.5-0101
|
| Added |
CPE Configuration |
OR
*cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
*cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
|
| Added |
CPE Configuration |
OR
*cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
*cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
|
| Added |
CPE Configuration |
OR
*cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
*cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
|
| Changed |
Reference Type |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html No Types Assigned
|
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html No Types Assigned
|
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html No Types Assigned
|
http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html Third Party Advisory, VDB Entry
|
| Changed |
Reference Type |
http://www.openwall.com/lists/oss-security/2020/09/17/2 No Types Assigned
|
http://www.openwall.com/lists/oss-security/2020/09/17/2 Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
https://lists.fedoraproject.org/archives/list/[email protected]/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ No Types Assigned
|
https://lists.fedoraproject.org/archives/list/[email protected]/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ Third Party Advisory
|
| Changed |
Reference Type |
https://lists.fedoraproject.org/archives/list/[email protected]/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ No Types Assigned
|
https://lists.fedoraproject.org/archives/list/[email protected]/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ Third Party Advisory
|
| Changed |
Reference Type |
https://usn.ubuntu.com/4510-1/ No Types Assigned
|
https://usn.ubuntu.com/4510-1/ Third Party Advisory
|
| Changed |
Reference Type |
https://usn.ubuntu.com/4510-2/ No Types Assigned
|
https://usn.ubuntu.com/4510-2/ Third Party Advisory
|
| Changed |
Reference Type |
https://www.kb.cert.org/vuls/id/490028 No Types Assigned
|
https://www.kb.cert.org/vuls/id/490028 Third Party Advisory, US Government Resource
|
| Changed |
Reference Type |
https://www.synology.com/security/advisory/Synology_SA_20_21 No Types Assigned
|
https://www.synology.com/security/advisory/Synology_SA_20_21 Third Party Advisory
|
CVE Modified by Microsoft Corporation
9/25/2020 4:15:14 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://lists.fedoraproject.org/archives/list/[email protected]/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ [No Types Assigned]
|
CVE Modified by Microsoft Corporation
9/25/2020 11:15:49 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html [No Types Assigned]
|
CVE Modified by Microsoft Corporation
9/24/2020 11:15:14 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html [No Types Assigned]
|
CVE Modified by Microsoft Corporation
9/23/2020 3:15:18 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://lists.fedoraproject.org/archives/list/[email protected]/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ [No Types Assigned]
|
CVE Modified by Microsoft Corporation
9/21/2020 6:15:12 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://usn.ubuntu.com/4510-2/ [No Types Assigned]
|
CVE Modified by Microsoft Corporation
9/21/2020 8:15:12 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://www.synology.com/security/advisory/Synology_SA_20_21 [No Types Assigned]
|
CVE Modified by Microsoft Corporation
9/17/2020 10:15:12 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://usn.ubuntu.com/4510-1/ [No Types Assigned]
|
CVE Modified by Microsoft Corporation
9/17/2020 11:15:13 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
http://www.openwall.com/lists/oss-security/2020/09/17/2 [No Types Assigned]
|
CVE Modified by Microsoft Corporation
9/16/2020 3:15:13 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
https://www.kb.cert.org/vuls/id/490028 [No Types Assigned]
|
CVE Modified by Microsoft Corporation
9/16/2020 1:15:13 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html [No Types Assigned]
|
Initial Analysis by NIST
8/24/2020 1:27:55 PM
| Action |
Type |
Old Value |
New Value |
| Added |
CVSS V3.1 |
NIST AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
| Added |
CVSS V2 |
NIST (AV:N/AC:M/Au:N/C:C/I:C/A:C)
|
| Added |
CWE |
NIST CWE-269
|
| Added |
CPE Configuration |
OR
*cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
*cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*
*cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
|
| Changed |
Reference Type |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 No Types Assigned
|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 Patch, Vendor Advisory
|
Quick Info
CVE Dictionary Entry: CVE-2020-1472 NVD
Published Date: 08/17/2020 NVD
Last Modified: 06/16/2026
Source: Microsoft Corporation
|
