Published: 11/11/2020 Updated: 23/11/2020
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

Microsoft Windows could allow a remote authenticated malicious user to bypass security restrictions. An attacker could exploit this vulnerability to bypass Kerberos security feature to cause impact on confidentiality, integrity and availability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2012

microsoft windows server 2012 r2

microsoft windows server 2016 -

microsoft windows server 2016 20h2

microsoft windows server 2016 1903

microsoft windows server 2016 1909

microsoft windows server 2016 2004

microsoft windows server 2019 -

Github Repositories

some interesting articles about redteam

RedTeam-Articles some interesting articles about redteam A Beginner’s Guide to Windows Shellcode Execution Techniques 反转shellcode绕过AV Lab Building Guide: Virtual Active Directory rcoilme/ 腾讯蓝军-红蓝对抗之Windows内网渗透 腾讯蓝军-红蓝对抗之Linux内网渗透 wwwharmj0ynet/blog/redteaming/operational-guidance-for-offensive

Trying to tame the three-headed dog.

Rubeus Rubeus is a C# toolset for raw Kerberos interaction and abuses It is heavily adapted from Benjamin Delpy's Kekeo project (CC BY-NC-SA 40 license) and Vincent LE TOUX's MakeMeEnterpriseAdmin project (GPL v30 license) Full credit goes to Benjamin and Vincent for working out the hard components of weaponization- without their prior work this project would not


欢迎关注阿尔法实验室微信公众号 20201231 [漏洞] 2020年增加的10个最严重的CVE blogdetectifycom/2020/12/30/top-10-critical-cves-added-in-2020/ Chromium RawClipboardHostImpl中的UAF漏洞 bugschromiumorg/p/chromium/issues/detail?id=1101509 [工具] Sarenka:OSINT工具,将来自shodan、censys等服务的数据集中在一处

Recent Articles

Windows Kerberos Bronze Bit attack gets public exploit, patch now
BleepingComputer • Sergiu Gatlan • 10 Dec 2020

Proof-of-concept exploit code and full details on a Windows Kerberos security bypass vulnerability have been published earlier this week by Jake Karnes, the NetSPI security consultant and penetration tester who reported the security bug to Microsoft.
The security bug tracked as CVE-2020-17049 and patched by Microsoft during November 2020's Patch Tuesday can be exploited in what the researcher has named as
Karnes provides a
and details on how attackers can explo...

Microsoft fixes Windows 10 BSOD crashes caused by NVMe SSDs
BleepingComputer • Sergiu Gatlan • 01 Dec 2020

Microsoft has fixed a known issue causing Windows 10 blue screens of death (BSOD) crashes when users plugged in a Thunderbolt NVMe (Non-Volatile Memory Express) Solid State Drive (SSD).
To be impacted by this known issue Windows 10 device would have to feature at least one Thunderbolt NVMe SSD and one Thunderbolt port.
Affected Windows 10 devices would also display a "DRIVER_VERIFIER_DMA_VIOLATION (e6). An illegal DMA operation was attempted by a driver being verified." stop error.

Microsoft releases patching guidance for Kerberos security bug
BleepingComputer • Sergiu Gatlan • 20 Nov 2020

Microsoft has released additional details on how to fully mitigate a security feature bypass vulnerability in Kerberos KDC (Key Distribution Center) patched during this month's Patch Tuesday.
The remotely exploitable security bug tracked as CVE-2020-17049 exists in the way KDC decides if service tickets can be used for delegation via Kerberos Constrained Delegation (KCD).
Kerberos is the
for domain connected devices running Windows 2000 or later. Kerberos KDC is a feature tha...

Windows Kerberos authentication breaks due to security updates
BleepingComputer • Sergiu Gatlan • 16 Nov 2020

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos authentication problems after installing security updates released to address CVE-2020-17049 during this month's Patch Tuesday, on November 10.
Kerberos replaced the NTLM protocol to be the
for domain connected devices on all Windows versions above Windows 2000.
Authentication protocols
of users, computers, and services, making it possible for authorized services ...

Microsoft fixes Windows Kerberos authentication issues in OOB update
BleepingComputer • Sergiu Gatlan • 01 Jan 1970

Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers after installing security updates released earlier this month to address CVE-2020-17049.
is a remotely exploitable Kerberos Constrained Delegation (KCD) security feature bypass security bug that exists in the way KDC determines if service tickets can be used for delegation.
Kerberos replaced the NTLM protocol as the
for domain...

Microsoft fixes new Windows Kerberos security bug in staged rollout
BleepingComputer • Sergiu Gatlan • 01 Jan 1970

Microsoft has issued security updates to address a Kerberos security feature bypass vulnerability impacting multiple Windows Server versions in a two-phase staged rollout.
The vulnerability tracked as
 is exploitable remotely by attackers with low privileges as part of low complexity attacks where user interaction is not required.
CVE-2020-16996 exists on Active Directory DCs (Domain Controllers) and RODCs (Read-Only Domain Controllers) only on servers where the