CVE-2020-16899
HIGHWindows 10 and Windows Server 2016/2019 - Denial of Service via ICMPv6 Router Advertisement Packet Handling
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-16899. PoCs published by advanced-threat-research.
AI-analyzed exploit summary This repository contains a Lua script for Suricata to detect exploitation attempts of CVE-2020-16899, a DoS vulnerability in the Windows IPv6 stack triggered by malformed ICMPv6 Router Advertisement packets with DNSSL options. The script parses ICMPv6 packets to identify malicious payloads that could cause a BSOD.
Description
<p>A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly.</p> <p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>
Exploits (1)
This repository contains a Lua script for Suricata to detect exploitation attempts of CVE-2020-16899, a DoS vulnerability in the Windows IPv6 stack triggered by malformed ICMPv6 Router Advertisement packets with DNSSL options. The script parses ICMPv6 packets to identify malicious payloads that could cause a BSOD.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H