Threat Encyclopedia

MS.Windows.DHCPv6.ParseDhcpv6Options.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in Microsoft Windows Server
A remote attacker on the same network segment as the victim can exploit this vulnerability by setting up a rogue DHCPv6 server and responding to DHCPv6 requests with malicious DHCPv6 reply messages. Successful exploitation will result in the attacker being able to run arbitrary code with administrative privileges on the target system.

affected-products-logoAffected Products

Microsoft Windows 10 version 1803
Microsoft Windows 10 Version 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2019 (Server Core installation)
Microsoft Windows Server version 1803 (Server Core Installation)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0698

CVE References

CVE-2019-0698