CVE-2016-0128 — Microsoft Windows 10 vulnerability

CWE-2547 documents5 sources

Severity

6.8MEDIUMNVD

EPSS

60.3%

top 1.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 10 Microsoft Windows Server 2008 Microsoft Windows Server 2012 +11 more

Timeline

PublishedApr 12

Latest updateMay 13

Description

The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 do not properly establish an RPC channel, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "Windows SAM and LSAD Downgrade Vulnerability" or "BADLOCK."

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:NExploitability: 1.6 | Impact: 5.2

Affected Packages13 packages

▶msrcmsrc/windows_server_2008

▶msrcmsrc/windows_server_2012

▶msrcmsrc/windows_server_2008_r2

▶msrcmsrc/windows_server_2012_r2

▶NVDmicrosoft/windowsr2

Patches

Patch: docs.microsoft.com ↗Patch: docs.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-3mv9-ggpf-rmx9: The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8↗2022-05-13

▶

📋Vendor Advisories

Microsoft

Windows SAM and LSAD Downgrade Vulnerability↗2016-04-12

▶

🕵️Threat Intelligence

Tenable

Badlock or Sadlock?↗2016-04-14

▶

Tenable

Badlock or Sadlock?↗2016-04-14

▶

💬Community

Bugzilla

CVE-2016-4323 pidgin: MXIT Splash Image Arbitrary File Overwrite Vulnerability↗2016-06-22

▶

Bugzilla

CVE-2016-0737 openstack-swift: Client to proxy DoS through Large Objects↗2016-01-15

▶