<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

Vulnerability CVE-2020-16898

Vulnerability CVE-2020-16898

Microsoft announced a critical vulnerability as part of their Patch Tuesday on 10/12/2020. CVE-2020-16898, dubbed "Bad Neighbor", is a remote code execution (RCE) that occurs when the Windows TCP/IP stack incorrectly handles ICMPv6 Router Advertisement packets with an even length field.

The current proof of concept for this vulnerability results in a blue screen of death (BSOD) on Windows 10 and Windows 2019 Servers. The CVSS Score of this vulnerability is 9.8 out of 10.

Datashield recommends patching any Windows 10 or Windows 2019 Servers immediately, prioritizing any external facing windows servers. If patching isn’t possible, IPv6 can be disabled, either on the NIC or at the network perimeter by dropping IPv6 traffic. It is worth noting that Windows Defender and Windows Firewall did not block the proof of concept. Our content team is currently developing an alert for this CVE for future detections.

Full Article: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898

If you have any questions regarding this vulnerability, please contact us.

Topics from this Article

Microsoft, Windows, Remote Code Execution, CVE, Vulnerability Management

Datashield
Datashield
Official Datashield account for blog content, news, announcements and more. The articles authored include a collaboration between internal staff, specifically the security operations and marketing team.

Related Posts

The Difference Between Cybersecurity & Network Security

The Difference Between Cybersecurity & Network Security

Security Advisory Kaseya VSA

Datashield Security Advisory:

Security Advisory Vulnerability CVE-2021-1675

Datashield Security Advisory: