Zerologon

Zerologon (formally: CVE-2020-1472) is a critical vulnerability in Microsoft's authentication protocol Netlogon, as implemented in some versions of Microsoft Windows and Samba.

Severity

Zerologon has a score of 10 under the Common Vulnerability Scoring System. It allows attackers to access all valid usernames and passwords in each Microsoft network that they breached. This in turn allows them to access additional credentials necessary to assume the privileges of any legitimate user of the network, which in turn can let them compromise Microsoft 365 email accounts.

Unusually, Zerologon was the subject of an emergency directive from the United States Cybersecurity and Infrastructure Security Agency.

In 2020, Zerologon started to be used in global attacks against the automotive, engineering and pharmaceutical industry. Zerologon was also used to hack the Municipal wireless network of Austin, Texas.

See also

• 2020 United States federal government data breach

References

1. Samba (software)
2. 2020 United States federal government data breach
3. Block cipher mode of operation
4. Pwnie Awards
5. 2020 in science
6. July–September 2020 in science