CVE-2020-16898(aka”Bad Neighbor”): Windows TCP/IP Remote Code Execution Vulnerability
by CIRT Team
DESCRIPTION
A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.
To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.
IMPACT
An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.
RECOMMENDATIONS
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898
REFERENCE:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/cve-2020-16898-bad-neighbor/
https://blog.rapid7.com/2020/10/14/there-goes-the-neighborhood-dealing-with-cve-2020-16898-a-k-a-bad-neighbor/
https://blog.qualys.com/product-tech/2020/10/14/microsoft-windows-tcp-ip-remote-code-execution-vulnerability-cve-2020-16898-automatically-discover-prioritize-and-remediate-using-qualys-vmdr
Recommended Posts
Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers
08 Feb 2024 - Articles, English articles, Security Advisories & Alerts