Primary

Context

Microsoft Digest Authentication Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in Microsoft Digest Authentication. This issue affects several versions of Windows Server, including 2008, 2008 R2, 2012, and 2012 R2. The vulnerability arises from a heap-based buffer overflow and an integer overflow, allowing authenticated attackers to send malicious logon requests to the target domain controller, potentially leading to unauthorized code execution.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected server.

Remediation

Users can apply the security updates provided in the Microsoft Knowledge Base articles KB5052016, KB5052020, KB5052042, and KB5052038. These updates are available through the Microsoft Update Catalog.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Digest Authentication Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating