Hide Navigation Hide TOC

Vulnerable Netlogon Secure Channel Connection Allowed (a0cb7110-edf0-47a4-9177-541a4083128a)

Detects that a vulnerable Netlogon secure channel connection was allowed, which could be an indicator of CVE-2020-1472.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Vulnerable Netlogon Secure Channel Connection Allowed (a0cb7110-edf0-47a4-9177-541a4083128a)	Sigma-Rules	Abuse Elevation Control Mechanism - T1548 (67720091-eee3-4d2d-ae16-8264567f6f5b)	Attack Pattern	1