What is the SIGRed Vulnerability (CVE-2020-1350)? SIGRed (CVE-2020-1350) is a critical, wormable RCE (remote code execution) vulnerability in the Windows DNS Server, that can be triggered by an attacker with malicious DNS response. It received a CVSS base score of 10, and according to the Check Point researchers who found this 17-year-old flaw, the likelihood of exploitation is high.
Do you have a plan for BootHole or have you already fixed it? What about SIGRed or SMBleed? Are any of these high-profile vulnerabilities even relevant to the security of your digital infrastructure? Vulnerability prioritization is a critical element of any enterprise vulnerability management program. But too often prioritization is done wrong, making the effort… Continue reading Do I even need to fix BootHole, SIGRed or SMBleed?