{"id":332,"date":"2020-09-21T14:44:42","date_gmt":"2020-09-21T12:44:42","guid":{"rendered":"https:\/\/lalospace.com\/?p=332"},"modified":"2020-09-21T14:44:43","modified_gmt":"2020-09-21T12:44:43","slug":"cve-2020-1472-zerologon-elevation-of-privilege-vuln","status":"publish","type":"post","link":"https:\/\/lalospace.com\/?p=332","title":{"rendered":"CVE 2020 1472 &#8220;Zerologon Elevation of Privilege Vuln.&#8221;"},"content":{"rendered":"\n<pre id=\"tw-target-text\" class=\"wp-block-preformatted\"><strong>Summary<\/strong>\n\nIn August 2020, Microsoft released a security update, CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability, for a new elevation of privilege (EoP) vulnerability also known as \"Zerologon\". The vulnerability was assigned a CVSS (Common Vulnerability Scoring System) score of 10.0, the highest possible, and Microsoft rates its severity as \"critical\".\n\nThis vulnerability exists within the Netlogon protocol. It can be exploited because of a flaw in the implementation of the Netlogon protocol's cryptography, specifically AES-CFB8.\nThe vulnerability is triggered by sending a string of zeros to the Netlogon protocol, hence the name \"Zerologon\". The flaw allows anyone on a network that uses the Netlogon protocol to elevate their privileges to those of the domain administrator. This would give an attacker access to the entire domain, opening the way to further exploitation, data exfiltration, network disruption, or whatever their objective may be.\n\nThis vulnerability affects multiple Microsoft Windows Server operating systems.\n\n<strong>Mitigation actions for Zerologon\n<\/strong>\nAs always, we advise our customers to patch their systems as soon as possible. 
If you want to test your network for this vulnerability, you can use the Secura ZeroLogon test script, or call us and we will set up an appointment to quantify the number of machines and proceed with patching right away.\n\n*All our customers with a Sys-Inf contract of level 2 or higher covering infrastructure management have already been protected by fixing the flaw in the operating system.<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>CVE 2020 1472 Zerologon Elevation of Privilege Vulnerability<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[61,66,63,65,64,62],"class_list":["post-332","post","type-post","status-publish","format-standard","hentry","category-senza-categoria","tag-cve2020-1472","tag-lalospace","tag-microsoft","tag-pentest","tag-vulnerabilita","tag-zerologon","no-post-thumbnail"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>CVE 2020 1472 &quot;Zerologon Elevation of Privilege Vuln.&quot; - LALOSPACE<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/lalospace.com\/?p=332\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE 2020 1472 &quot;Zerologon Elevation of Privilege Vuln.&quot; - LALOSPACE\" \/>\n<meta property=\"og:description\" content=\"CVE 2020 1472 Zerologon Elevazione dei Privilegi Vulnerabilit\u00e0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/lalospace.com\/?p=332\" \/>\n<meta property=\"og:site_name\" content=\"LALOSPACE\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-21T12:44:42+00:00\" \/>\n<meta 
property=\"article:modified_time\" content=\"2020-09-21T12:44:43+00:00\" \/>\n<meta name=\"author\" content=\"lalospace\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"lalospace\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minuto\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/lalospace.com\/?p=332#article\",\"isPartOf\":{\"@id\":\"https:\/\/lalospace.com\/?p=332\"},\"author\":{\"name\":\"lalospace\",\"@id\":\"https:\/\/lalospace.com\/#\/schema\/person\/0a6048289f5b8f29b5982a642fb8bd90\"},\"headline\":\"CVE 2020 1472 &#8220;Zerologon Elevation of Privilege Vuln.&#8221;\",\"datePublished\":\"2020-09-21T12:44:42+00:00\",\"dateModified\":\"2020-09-21T12:44:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/lalospace.com\/?p=332\"},\"wordCount\":6,\"publisher\":{\"@id\":\"https:\/\/lalospace.com\/#organization\"},\"keywords\":[\"cve2020-1472\",\"lalospace\",\"Microsoft\",\"Pentest\",\"Vulnerabilita\",\"Zerologon\"],\"inLanguage\":\"it-IT\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/lalospace.com\/?p=332\",\"url\":\"https:\/\/lalospace.com\/?p=332\",\"name\":\"CVE 2020 1472 \\\"Zerologon Elevation of Privilege Vuln.\\\" - 
LALOSPACE\",\"isPartOf\":{\"@id\":\"https:\/\/lalospace.com\/#website\"},\"datePublished\":\"2020-09-21T12:44:42+00:00\",\"dateModified\":\"2020-09-21T12:44:43+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/lalospace.com\/?p=332#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/lalospace.com\/?p=332\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/lalospace.com\/?p=332#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/lalospace.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE 2020 1472 &#8220;Zerologon Elevation of Privilege Vuln.&#8221;\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/lalospace.com\/#website\",\"url\":\"https:\/\/lalospace.com\/\",\"name\":\"LALOSPACE\",\"description\":\"Reti e infrastrutture Server , Cybersecurity a Belluno\",\"publisher\":{\"@id\":\"https:\/\/lalospace.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/lalospace.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/lalospace.com\/#organization\",\"name\":\"LaloSpace\",\"url\":\"https:\/\/lalospace.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/lalospace.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/lalospace.com\/wp-content\/uploads\/2020\/07\/logolalospace.png\",\"contentUrl\":\"https:\/\/lalospace.com\/wp-content\/uploads\/2020\/07\/logolalospace.png\",\"width\":500,\"height\":500,\"caption\":\"LaloSpace\"},\"image\":{\"@id\":\"https:\/\/lalospace.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/lalospace.com\/#\/schema\/person\/0a6048289f5b8f29b5982a642fb8bd90\",\"name\":\"lalospace\",\"image\":{\"@type\":\"ImageO
bject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/lalospace.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/454439e293539e2588c8f8bead321a7495960c5f22f010d27fd7f4385754fdb5?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/454439e293539e2588c8f8bead321a7495960c5f22f010d27fd7f4385754fdb5?s=96&d=mm&r=g\",\"caption\":\"lalospace\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE 2020 1472 \"Zerologon Elevation of Privilege Vuln.\" - LALOSPACE","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/lalospace.com\/?p=332","og_locale":"it_IT","og_type":"article","og_title":"CVE 2020 1472 \"Zerologon Elevation of Privilege Vuln.\" - LALOSPACE","og_description":"CVE 2020 1472 Zerologon Elevazione dei Privilegi Vulnerabilit\u00e0","og_url":"https:\/\/lalospace.com\/?p=332","og_site_name":"LALOSPACE","article_published_time":"2020-09-21T12:44:42+00:00","article_modified_time":"2020-09-21T12:44:43+00:00","author":"lalospace","twitter_card":"summary_large_image","twitter_misc":{"Scritto da":"lalospace","Tempo di lettura stimato":"1 minuto"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/lalospace.com\/?p=332#article","isPartOf":{"@id":"https:\/\/lalospace.com\/?p=332"},"author":{"name":"lalospace","@id":"https:\/\/lalospace.com\/#\/schema\/person\/0a6048289f5b8f29b5982a642fb8bd90"},"headline":"CVE 2020 1472 &#8220;Zerologon Elevation of Privilege 
Vuln.&#8221;","datePublished":"2020-09-21T12:44:42+00:00","dateModified":"2020-09-21T12:44:43+00:00","mainEntityOfPage":{"@id":"https:\/\/lalospace.com\/?p=332"},"wordCount":6,"publisher":{"@id":"https:\/\/lalospace.com\/#organization"},"keywords":["cve2020-1472","lalospace","Microsoft","Pentest","Vulnerabilita","Zerologon"],"inLanguage":"it-IT"},{"@type":"WebPage","@id":"https:\/\/lalospace.com\/?p=332","url":"https:\/\/lalospace.com\/?p=332","name":"CVE 2020 1472 \"Zerologon Elevation of Privilege Vuln.\" - LALOSPACE","isPartOf":{"@id":"https:\/\/lalospace.com\/#website"},"datePublished":"2020-09-21T12:44:42+00:00","dateModified":"2020-09-21T12:44:43+00:00","breadcrumb":{"@id":"https:\/\/lalospace.com\/?p=332#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/lalospace.com\/?p=332"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/lalospace.com\/?p=332#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/lalospace.com\/"},{"@type":"ListItem","position":2,"name":"CVE 2020 1472 &#8220;Zerologon Elevation of Privilege Vuln.&#8221;"}]},{"@type":"WebSite","@id":"https:\/\/lalospace.com\/#website","url":"https:\/\/lalospace.com\/","name":"LALOSPACE","description":"Reti e infrastrutture Server , Cybersecurity a 
Belluno","publisher":{"@id":"https:\/\/lalospace.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/lalospace.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Organization","@id":"https:\/\/lalospace.com\/#organization","name":"LaloSpace","url":"https:\/\/lalospace.com\/","logo":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/lalospace.com\/#\/schema\/logo\/image\/","url":"https:\/\/lalospace.com\/wp-content\/uploads\/2020\/07\/logolalospace.png","contentUrl":"https:\/\/lalospace.com\/wp-content\/uploads\/2020\/07\/logolalospace.png","width":500,"height":500,"caption":"LaloSpace"},"image":{"@id":"https:\/\/lalospace.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/lalospace.com\/#\/schema\/person\/0a6048289f5b8f29b5982a642fb8bd90","name":"lalospace","image":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/lalospace.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/454439e293539e2588c8f8bead321a7495960c5f22f010d27fd7f4385754fdb5?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/454439e293539e2588c8f8bead321a7495960c5f22f010d27fd7f4385754fdb5?s=96&d=mm&r=g","caption":"lalospace"}}]}},"_links":{"self":[{"href":"https:\/\/lalospace.com\/index.php?rest_route=\/wp\/v2\/posts\/332","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lalospace.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lalospace.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lalospace.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lalospace.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=332"}],"version-history":[{"count":2,"href":"https:\/\/lalospace.com\/index.php?rest_route=\/wp\
/v2\/posts\/332\/revisions"}],"predecessor-version":[{"id":334,"href":"https:\/\/lalospace.com\/index.php?rest_route=\/wp\/v2\/posts\/332\/revisions\/334"}],"wp:attachment":[{"href":"https:\/\/lalospace.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=332"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lalospace.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=332"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lalospace.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=332"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}