CVE-2020-17040: Authentication Bypass in Windows Hyper-V Security Feature

Virsec Security Research Lab Vulnerability Report

The Virsec Security Research Lab, helmed by Virsec CTO, Satya Gupta, provides timely, relevant analysis about prevalent security vulnerabilities.

1.1        Vulnerability Summary

Windows Hyper-V Security Feature can be bypassed. This bypass could affect any Hyper-V configurations that are using Router Guard. Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencing router paths.

Watch the video to learn more about this and other important vulnerabilities.

1.2        CVSS Score

The CVSS Base Score is 9.8 (Critical)

1.3        Affected Version

Windows Server, version 20H2 (Server Core Installation)

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows 8.1 for x64-based systems

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 for x64-based Systems

Windows Server, version 2004 (Server Core installation)

Windows 10 Version 2004 for x64-based Systems

Windows Server, version 1903 (Server Core installation)

Windows 10 Version 1903 for x64-based Systems

Windows Server, version 1909 (Server Core installation)

Windows 10 Version 1909 for x64-based Systems

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 20H2 for x64-based Systems

1.4        Vulnerability Attribution

Etienne Champetier (@champtar)

1.5        Risk Impact

Given the affected versions of OS, the risk posed by this vulnerability is critical. Public exploit is not available.

1.6        Virsec Security Platform (VSP) Support:

The Virsec Security Platform (VSP)- NVD has assigned it the CWE 287 (Improper Authentication). A patch is available from Microsoft. To those customers who cannot patch for whatever reason, VSP-Web Insider Protect capability may keep publicly exposed HTTP services safe.

1.7        Reference Links:

Download the full vulnerability report to learn more about this and other important vulnerabilities.

The post CVE-2020-17040: Authentication Bypass in Windows Hyper-V Security Feature appeared first on Virsec Systems.


*** This is a Security Bloggers Network syndicated blog from Blog – Virsec Systems authored by Satya Gupta. Read the original post at: https://virsec.com/cve-2020-17040-authentication-bypass-in-windows-hyper-v-security-feature/