Advisory September 20, 2020

Netlogon Elevation of Privilege Vulnerability

Blue Team

A critical vulnerability(CVE-2020-1472), which has received the maximum severity rating of 10 by Microsoft, was found on Netlogon Remote Protocol (MS-NRPC) which can potentially allow privilege escalation.
The vulnerability presents it self when attempting to authenticate to a Domain Controller (DC), allowing an attacker to give himself domain admin privileges by exploiting it.

Recommended Actions:

Applying the latest Patch from Microsoft’s Advisory will fix the vulnerability, by enforcing remote procedure call (RPC) in the Netlogon protocol for all Windows devices.

You can find more information available in Microsoft Security advisories, including mitigation actions.