Recently, Check Point researchers found a 17-year-old high-profile flaw, SIGRed (CVE-2020-1350). The flaw is a wormable, critical vulnerability in the Windows DNS server, and can be triggered by a malicious DNS response.
On a zero to 10 scale, this vulnerability has received a CVSS base score of 10 in terms of how easy it is to exploit and how damaging it can be. Successful exploitation could lead to a critical RCE on Windows DNS servers due to the improper handling of DNS requests – effectively compromising the entire corporate infrastructure.
Fortunately, Imperva DDoS Protection for Domain Name Servers (DNS) can shield against this vulnerability and ensure the attack is not forwarded to the origin name server. Customers using Imperva’s protected DNS service are safe provided that their DNS server accepts incoming requests from Imperva’s proxies only.
Imperva protects against this vulnerability by checking the requested DNS name and forwards the request to the origin (authoritative DNS server) only if the name matches the authoritative domain name.
Read the full blog by Hemmy Yona, Kim Lambert here.
Check out Imperva’s website for more information on protecting data and all paths to it or contact your local Exclusive Networks Account Manager.