all InfoSec news
Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism
Security Intelligence securityintelligence.com
In September 2022, Microsoft patched an information disclosure vulnerability in SPNEGO NEGOEX (CVE-2022-37958). On December 13, Microsoft reclassified the vulnerability as “Critical” severity after IBM Security X-Force Red Security Researcher Valentina Palmiotti discovered the vulnerability could allow attackers to remotely execute code. The vulnerability is in the SPNEGO Extended Negotiation (NEGOEX) Security Mechanism, which allows […]
The post Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism appeared first on Security Intelligence.
application vulnerability code code execution common vulnerabilities and exposures critical ibm x-force research negotiation remote code execution security security services software vulnerabilities software vulnerability threat research vulnerability vulnerability analysis x-force