Zerologon allows attackers to reset the domain controller computer account password and take over Active Directory with zero credentials. Patch immediately. Enable Enforcement Mode in Netlogon after applying August 2020 patches.
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, aka Zerologon.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →