Zerologon (CVE-2020-1472) exploits a crypto flaw in Windows Netlogon to achieve domain admin in seconds. CVSS 10.0. Enables complete Active Directory compromise.

How does Precogs AI detect Zerologon?

Precogs AI detects weak cryptographic implementations in compiled Windows networking components, identifying Netlogon-style AES-CFB8 flaws in authentication protocols.

CVE-2020-1472: Zerologon

Score: 10

CRITICAL

Published: 2020-08-11Affected: Windows Server 2008-2019CWE-330 ↗

What is Zerologon?

A critical privilege escalation vulnerability in the Netlogon Remote Protocol (MS-NRPC). By exploiting a cryptographic flaw in the AES-CFB8 implementation, attackers can establish a Netlogon session with a domain controller using an all-zero computer credential.

Impact & Exploitation

Enables domain admin compromise in seconds. CVSS 10.0. Exploited by Iranian and Chinese APTs. Full Active Directory takeover from any network position.

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2020-1472 Zerologon don’t just exist in source code — they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack — even when source code isn’t available.

Request Deep Analysis Book a demo

CVE-2020-1472: Zerologon

What is Zerologon?

Impact & Exploitation

Precogs Research

Base Score

Tags

Quick Links

Is your system affected?

Is Your System Still Exposed to Critical CVEs?

CVE-2020-1472: Zerologon

What is Zerologon?

Impact & Exploitation

Related Resources

🔍 Related CWE Entries

🔗 External References

Precogs Research

Base Score

Tags

Quick Links

Is your system affected?

Is Your System Still Exposed to Critical CVEs?