NETLOGON Message Session Key Retrieval Vulnerability

NETLOGON Message Session Key Retrieval Vulnerability

CVE-2019-1019 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows Security Feature Bypass Vulnerability'.

Learn more about our Web Application Penetration Testing UK.