Attackers Can Hijack Windows Domain Controllers with 'Zer

Attackers Can Hijack Windows Domain Controllers with 'Zerologon' Vulnerability (CVE-2020-1472)

Researchers at Secura recently published a blog post along with a supporting whitepaper detailing their findings of a critical vulnerability in Netlogon they’ve dubbed ‘Zerologon.’ Identified as CVE-2020-1472, the vulnerability was patched back in August as part of Microsoft's August Patch Tuesday release. Exploitation of this flaw could lead to an attacker taking over a network’s Domain Controller.

For more information about the vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

Attackers Can Hijack Windows Domain Controllers with 'Zer

Recent Discussions

Microsoft’s February 2026 Patch Tuesday Addresses 54 CVEs (CVE-2026-21510, CVE-2026-21513)

Frequently Asked Questions About Notepad++ Supply Chain Compromise

Ivanti Endpoint Manager Mobile Zero-Days Exploited (CVE-2026-1281, CVE-2026-1340)

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Americas

Europe

Asia / Australia