NVD disclosure day
CVE-2020-1472
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
A vulnerability in the Netlogon Remote Protocol can allow an unauthenticated attacker to gain domain administrator access. This could enable an attacker to run malicious applications on network devices, posing a risk to organizational control and data. Microsoft has released updates to address this issue.
CVE-2020-1464
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A spoofing vulnerability in Windows allows attackers to bypass security features by loading improperly signed files. This could impact systems by allowing unauthorized code execution. Organizations face business risk from potential data compromise and system integrity issues.
CVE-2020-1380
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A remote code execution vulnerability exists in Internet Explorer's scripting engine, potentially allowing attackers to control affected systems. Exploitation can occur through malicious websites or documents, granting attackers the same user rights as the victim, which could lead to unauthorized data access or system
CVE-2020-3433
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows allows a local attacker with valid credentials to execute arbitrary code with system privileges. This risk to affected organizations arises from insufficient validation of loaded resources, enabling DLL hijacking. Mitigation involves applying vendor