SIGRed (CVE-2020-1350) is a critical, wormable RCE (remote code execution) vulnerability in the Windows DNS Server, that can be triggered by an attacker with malicious DNS response. It received a CVSS base score of 10, and according to the Check Point researchers who found this 17-year-old flaw, the likelihood of exploitation is high.