Demonstrating CVE-2022-37958 RCE Vuln. Reachable via any Windows application protocol that authenticates. Yes, that means RDP, SMB and many more. Please patch this one, it's serious!

https://securityintelligence.com/posts/critical-remote-code-execution-vulnerability-spnego-extended-negotiation-security-mechanism/

Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism

A vulnerability in SPNEGO NEGOEX has been reclassified as "Critical" after it was discovered that it could allow attackers to remotely execute code.

Security Intelligence
@chompie1337
Holy crap, nice work! This is any Windows auth, like MS SQL and IIS?
@FritzAdalis Yes, IIS and MSSQL are at risk if they have Windows Authentication configuration enabled