更新時間:2020/10/19 03:27:32
發佈時間:2020/10/19 03:27:32
TLP:
(White)
得對外公開散布,但不得違反著作權法等相關規定
更新說明:
(發布日期為2020年10月15日,於2020年10月19日更新概念性驗證程式連結)
一、漏洞說明[1]
Windows TCP/IP協定的堆疊不當處理 ICMPv6 路由器宣告封包時,即存在遠端執行程式碼漏洞。成功利用此漏洞的攻擊者可能會取得在目標伺服器或用戶端上執行程式碼的能力。
為了利用此漏洞,攻擊者必須將特製的ICMPv6路由器宣告封包傳送到遠端 Windows電腦。
二、已揭露概念性驗證程式說明[2][3]
資安廠商Sophos已揭露概念性驗證程式,可針對此一漏洞進行攻擊。
三、影響平台:[1]
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
四、CVSS向量: CVE-2020-16898[1]
使用版本:CVSS 3.0
分析分數:9.8
影響等級:3
參考來源 :Microsoft
五、建議措施:
1.Microsoft 已推出解決此漏洞的更新,並強烈建議執行更新[1]
2.如無法立刻更新,可採行緩解措施[1]
管理者停用ICMPv6 RDNSS功能,方式為於powershell下執行
netsh int ipv6 set int *INTERFACENUMBER* rabaseddnsconfig=disable
如需恢復,於powershell下執行
netsh int ipv6 set int *INTERFACENUMBER* rabaseddnsconfig=enable
參考連結:
1.Microsoft
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-16898
2. Sophos
https://nakedsecurity.sophos.com/2020/10/14/windows-ping-of-death-bug-revealed-patch-now/amp/
3. International Institute of Cyber Security
https://www.iicybersecurity.com/poc-exploit-for-critical-vulnerability-cve-2020-16898-in-windows-10-released.html
建議措施:
參考資料:
影響平台:
情資編號:
FISAC-202010-0005
系統目錄:
資安漏洞
資安類別:
資安訊息情資 / 其他
影響等級:
3
關鍵字:
弱點漏洞