CVE-2023-32020
Windows DNS Spoofing Vulnerability
In short
Windows DNS servers can be tricked into accepting fake DNS responses from attackers on the same network, causing users to be directed to malicious websites instead of legitimate ones. This is dangerous because users trust their DNS results without realizing they've been redirected.
Technical detail
A DNS cache poisoning vulnerability in Windows DNS implementations allows an attacker on the same network segment to inject spoofed DNS responses that bypass validation checks, potentially resulting in users being redirected to attacker-controlled sites. The attack requires network proximity and the victim DNS resolver to process the malicious response before the legitimate one.
Summary generated and translated by AI from the official description.
Windows DNS Spoofing Vulnerability
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
Affected products
Microsoft · Windows Server 2008 R2 Service Pack 1Microsoft · Windows Server 2008 R2 Service Pack 1 (Server Core installation)Microsoft · Windows Server 2008 Service Pack 2Microsoft · Windows Server 2008 Service Pack 2Microsoft · Windows Server 2008 Service Pack 2 (Server Core installation)Microsoft · Windows Server 2012Microsoft · Windows Server 2012 R2Microsoft · Windows Server 2012 R2 (Server Core installation)Microsoft · Windows Server 2012 (Server Core installation)Microsoft · Windows Server 2016Microsoft · Windows Server 2016 (Server Core installation)Microsoft · Windows Server 2019Microsoft · Windows Server 2019 (Server Core installation)Microsoft · Windows Server 2022Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →