SIGRed (CVE-2020-1350) is a critical, wormable RCE (remote code execution) vulnerability in the Windows DNS Server, that can be triggered by an attacker with malicious DNS response. It received a CVSS base score of 10, and according to the Check Point researchers who found this 17-year-old flaw, the likelihood of exploitation is high.
What is the SIGRed Vulnerability (CVE-2020-1350)?
![](https://vulcan.io/wp-content/uploads/2020/10/adi-goldstein-EUsVwEOsblE-unsplash-min-scaled-1-1568x1047.jpg)