Managing and Mitigating CVE-2020–16898 (Bad Neighbour/Ping of Death)
Blue Screen of Death from Wikipedia Many IT administrators, DevOps, TechOps and SecOps in the UK woke up this morning, to a particularly nasty looking Patch Tuesday. Top of the chat is CVE-2020–16898 which has been dubbed Bad Neighbour by McAfee and Ping of Death by Sophos. Reality Check It’s worth realising that this particular CVE has no known exploits, however best case scenario a threat actor could craft a ICMPv6 packet to exploit the RDNSS component of the IPv6 stack built in tcp.sys; the net result a threat actor could cause a Blue Screen of Death (BSOD). There is a worst case scenario of course in that a threat actor could craft a packet that didn’t cause a BSOD, but did allow the actor to execute code against the target system, known as Remote Code Execution (RCE). In reality the worst case scenario is unlikely to happen anytime soon, or even ever as it requires a failure of many lines of defence. ...