Zerologon…Way More 1337 than Zero Cool
When a vulnerability hits 10 out of 10 on the Common Vulnerability Scoring System (CVSS), people pay attention and so should you. CVE-2020-1472 did just that–it hit a 10 and is dubbed the “perfect” exploit by Tara Seals, author at ThreatPost.com. While this exploit requires network access to already be established, it allows an attacker to obtain the “keys to the kingdom,” a.k.a. Domain Admin. With domain admin credentials, an attacker can do pretty much whatever they want on that domain: create new accounts, delete accounts, turn off security services, crawl through the network and pilfer pretty much any and all data that is under the purview of that domain.