{"id":107724,"date":"2020-10-13T10:06:35","date_gmt":"2020-10-13T17:06:35","guid":{"rendered":"\/blogs\/?p=107724"},"modified":"2024-02-16T11:16:38","modified_gmt":"2024-02-16T19:16:38","slug":"cve-2020-16898-bad-neighbor","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/","title":{"rendered":"CVE-2020-16898: \u201cBad Neighbor\u201d"},"content":{"rendered":"<h2><span style=\"font-size: 36pt;\">CVE-2020-16898: \u201cBad Neighbor\u201d<\/span><\/h2>\n<p><strong>CVSS Score: 8.8<\/strong><\/p>\n<div><b>Vector: CVSS:3.0\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\/E:P\/RL:O\/RC:C<\/b><\/div>\n<p><strong>Overview<\/strong><br \/>\nToday, Microsoft <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-16898\" target=\"_blank\" rel=\"noopener noreferrer\">announced<\/a> a critical vulnerability in the Windows IPv6 stack, which allows an attacker to send\u202fmaliciously crafted packets to potentially execute arbitrary code on a remote\u202fsystem. The proof-of-concept shared with MAPP (Microsoft Active Protection Program) members is both extremely simple and perfectly reliable. It results in an immediate BSOD (Blue Screen of Death), but more so, indicates the likelihood of exploitation for those who can manage to bypass Windows 10 and Windows Server 2019 mitigations. The effects of an exploit that would grant remote code execution would be widespread and highly impactful, as this type of bug could be made wormable. For ease of reference, we nicknamed the vulnerability \u201cBad Neighbor\u201d because it is located within an ICMPv6 Neighbor Discovery \u201cProtocol\u201d, using the Router Advertisement type.<\/p>\n<p><strong>Vulnerability Details<\/strong><br \/>\nA remote code execution vulnerability exists when\u202fthe\u202fWindows TCP\/IP stack\u202fimproperly handles\u202fICMPv6 Router Advertisement\u202fpackets that use Option Type 25 (Recursive DNS Server\u202fOption)\u202fand a length field value that is even.\u202fIn this Option, the length is counted in increments of 8 bytes, so an RDNSS option with a length of 3 should have a total length of 24 bytes. The option itself consists of five fields: Type, Length, Reserved, Lifetime, and Addresses of IPv6 Recursive DNS Servers. The first four fields always total 8 bytes, but the last field can contain a variable number of IPv6 addresses, which are 16 bytes each.\u202fAs a result, the length field should always be an odd value of at least 3, per <a href=\"https:\/\/tools.ietf.org\/html\/rfc8106#section-5.3.1\">RFC 8106<\/a>:<\/p>\n<pre class=\"newpage\">When an IPv6 host receives DNS options (i.e., RDNSS and DNSSL\r\noptions) through RA messages, it processes the options as follows:\r\n\r\n   o  The validity of DNS options is checked with the Length field;\r\n      that is, the value of the Length field in the RDNSS option is\r\n      greater than or equal to the minimum value (3) and satisfies the\r\n      requirement that (Length - 1) % 2 == 0.<\/pre>\n<p>When an even length value is provided, the Windows TCP\/IP stack incorrectly advances the network buffer\u202fby an amount that is 8 bytes too few. This is because\u202fthe stack\u202finternally counts in 16-byte increments, failing to account for the case where a non-RFC compliant length value is used. This mismatch\u202fresults in the stack interpreting the last 8 bytes of the current option as the start of a second option, ultimately leading to a buffer overflow and potential RCE.<\/p>\n<p>It is likely that a memory leak or information disclosure bug in the Windows kernel would be required in order to build a full exploit chain for this vulnerability. Despite this, we expect to see working exploits in the very near future.<\/p>\n<p><strong>Threat Surface<\/strong><br \/>\nThe largest impact here will be to consumers on Windows 10 machines, though with Windows Updates the threat surface is likely to be quickly minimized. While Shodan.io shouldn\u2019t be counted on as a definitive source, our best queries put the number of Windows Server 2019 machines with IPv6 addresses is in the hundreds, not exceeding approximately 1000. This is likely because most servers are behind firewalls or hosted by Cloud Service Providers (CSPs) and not reachable directly via Shodan scans.<\/p>\n<p><strong>Detection<\/strong><br \/>\nWe believe this vulnerability can be detected with a simple heuristic that parses all incoming ICMPv6 traffic, looking for packets with an ICMPv6 Type field of 134 \u2013 indicating Router Advertisement \u2013 and an ICMPv6 Option field of 25 \u2013 indicating Recursive DNS Server (RDNSS). If this RDNSS option also has a length field value that is even, the heuristic would drop or flag the associated packet, as it is likely part of a &#8220;Bad Neighbor\u201d exploit attempt.<\/p>\n<p><strong>Mitigation<\/strong><br \/>\nPatching is always the first and most effective course of action. If this is not possible, the best mitigation is disabling IPv6, either on the NIC or at the perimeter of the network by dropping ICMPv6 traffic if it is non-essential. Additionally, ICMPv6 Router Advertisements can be blocked or dropped at the network perimeter. Windows Defender and Windows Firewall fail to block the proof-of-concept when enabled. It is unknown yet if this attack can succeed by tunneling the ICMPv6 traffic over IPv4 using technologies like 6to4 or Teredo. Our efforts to repeat the attack in this manner have not been successful to date.<\/p>\n<p>For those McAfee customers who are unable to deploy the Windows patch, the following Network Security Platform (NSP) signatures will provide a virtual patch against attempted exploitation of this vulnerability, as well as a similar vulnerability (CVE-2020-16899). Unlike \u201cBad Neighbor\u201d, the impact of CVE-2020-16899 is limited to denial-of-service in the form of BSoD.<\/p>\n<p>NSP Attack ID: 0x40103a00 &#8211; ICMP: Windows IPv6 Stack Elevation of Privilege Vulnerability (CVE-2020-16898)<br \/>\nNSP Attack ID: 0x40103b00 &#8211; ICMP: Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability (CVE-2020-16899)<\/p>\n<p>Additionally, we are releasing Suricata rules to detect potential exploitation of these vulnerabilities. Due to limitations in open source tools such as Snort and Suricata, we found that implementing the minimal detection logic described earlier required combining Suricata with its built-in Lua script parser. We have hosted the rules and Lua scripts at our public GitHub under <a href=\"https:\/\/github.com\/advanced-threat-research\/CVE-2020-16898\">CVE-2020-16898<\/a> and <a href=\"https:\/\/github.com\/advanced-threat-research\/CVE-2020-16899\">CVE-2020-16899<\/a> respectively. Although we have confirmed that the rules correctly detect use of the proof-of-concepts, they should be thoroughly vetted in your environment prior to deployment to avoid risk of any false positives.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE-2020-16898: \u201cBad Neighbor\u201d CVSS Score: 8.8 Vector: CVSS:3.0\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\/E:P\/RL:O\/RC:C Overview Today, Microsoft announced a critical vulnerability in the Windows IPv6 stack,&#8230;<\/p>\n","protected":false},"author":1004,"featured_media":95330,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[442],"tags":[],"coauthors":[5354,5850],"class_list":["post-107724","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mcafee-labs"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>CVE-2020-16898: \u201cBad Neighbor\u201d | McAfee Blog<\/title>\n<meta name=\"description\" content=\"CVE-2020-16898: \u201cBad Neighbor\u201d CVSS Score: 8.8 Vector: CVSS:3.0\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\/E:P\/RL:O\/RC:C Overview Today, Microsoft announced a\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2020-16898: \u201cBad Neighbor\u201d | McAfee Blog\" \/>\n<meta property=\"og:description\" content=\"CVE-2020-16898: \u201cBad Neighbor\u201d CVSS Score: 8.8 Vector: CVSS:3.0\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\/E:P\/RL:O\/RC:C Overview Today, Microsoft announced a\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/\" \/>\n<meta property=\"og:site_name\" content=\"McAfee Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:published_time\" content=\"2020-10-13T17:06:35+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-16T19:16:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2048\" \/>\n\t<meta property=\"og:image:height\" content=\"1152\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Steve Povolny, Mark Bereza\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@spovolny\" \/>\n<meta name=\"twitter:site\" content=\"@McAfee\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Steve Povolny, Mark Bereza\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/\"},\"author\":{\"name\":\"Steve Povolny\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267\"},\"headline\":\"CVE-2020-16898: \u201cBad Neighbor\u201d\",\"datePublished\":\"2020-10-13T17:06:35+00:00\",\"dateModified\":\"2024-02-16T19:16:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/\"},\"wordCount\":845,\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg\",\"articleSection\":[\"McAfee Labs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/\",\"name\":\"CVE-2020-16898: \u201cBad Neighbor\u201d | McAfee Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg\",\"datePublished\":\"2020-10-13T17:06:35+00:00\",\"dateModified\":\"2024-02-16T19:16:38+00:00\",\"description\":\"CVE-2020-16898: \u201cBad Neighbor\u201d CVSS Score: 8.8 Vector: CVSS:3.0\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\/E:P\/RL:O\/RC:C Overview Today, Microsoft announced a\",\"breadcrumb\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#primaryimage\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg\",\"width\":2048,\"height\":1152},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Other Blogs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"McAfee Labs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"CVE-2020-16898: \u201cBad Neighbor\u201d\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"name\":\"McAfee Blog\",\"description\":\"Internet Security News\",\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\",\"name\":\"McAfee\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"width\":1286,\"height\":336,\"caption\":\"McAfee\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.youtube.com\/McAfee\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267\",\"name\":\"Steve Povolny\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/d83e09f6a46193cbf6406c6f30ba3fde\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png\",\"caption\":\"Steve Povolny\"},\"description\":\"Steve Povolny is the Head of Advanced Threat Research for McAfee Enterprise, which delivers groundbreaking vulnerability research spanning nearly every industry. With more than a decade of experience in network security, Steve is a recognized authority on hardware and software vulnerabilities, and regularly collaborates with influencers in academia, government, law enforcement, consumers and enterprise businesses of all sizes. Steve is a sought after public speaker and media commentator who often blogs on key topics. He brings his passion for threat research and a unique vision to harness the power of collaboration between the research community and product vendors, through responsible disclosure, for the benefit of all.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/steve-povolny-595a776\/\",\"https:\/\/x.com\/spovolny\"],\"url\":\"https:\/\/www.mcafee.com\/blogs\/author\/steve-povolny\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2020-16898: \u201cBad Neighbor\u201d | McAfee Blog","description":"CVE-2020-16898: \u201cBad Neighbor\u201d CVSS Score: 8.8 Vector: CVSS:3.0\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\/E:P\/RL:O\/RC:C Overview Today, Microsoft announced a","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"CVE-2020-16898: \u201cBad Neighbor\u201d | McAfee Blog","og_description":"CVE-2020-16898: \u201cBad Neighbor\u201d CVSS Score: 8.8 Vector: CVSS:3.0\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\/E:P\/RL:O\/RC:C Overview Today, Microsoft announced a","og_url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2020-10-13T17:06:35+00:00","article_modified_time":"2024-02-16T19:16:38+00:00","og_image":[{"width":2048,"height":1152,"url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg","type":"image\/jpeg"}],"author":"Steve Povolny, Mark Bereza","twitter_card":"summary_large_image","twitter_creator":"@spovolny","twitter_site":"@McAfee","twitter_misc":{"Written by":"Steve Povolny, Mark Bereza","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/"},"author":{"name":"Steve Povolny","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267"},"headline":"CVE-2020-16898: \u201cBad Neighbor\u201d","datePublished":"2020-10-13T17:06:35+00:00","dateModified":"2024-02-16T19:16:38+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/"},"wordCount":845,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg","articleSection":["McAfee Labs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/","url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/","name":"CVE-2020-16898: \u201cBad Neighbor\u201d | McAfee Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg","datePublished":"2020-10-13T17:06:35+00:00","dateModified":"2024-02-16T19:16:38+00:00","description":"CVE-2020-16898: \u201cBad Neighbor\u201d CVSS Score: 8.8 Vector: CVSS:3.0\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\/E:P\/RL:O\/RC:C Overview Today, Microsoft announced a","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#primaryimage","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/05\/A-silhouette-of-a-hacker-with-a-black-hat-in-a-suit-enters-a-hallway-with-walls-textured-with-green-digital-glowing-strains-3D-illustration-cybersecurity-concept-copy.jpg","width":2048,"height":1152},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/cve-2020-16898-bad-neighbor\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Other Blogs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/"},{"@type":"ListItem","position":3,"name":"McAfee Labs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/"},{"@type":"ListItem","position":4,"name":"CVE-2020-16898: \u201cBad Neighbor\u201d"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267","name":"Steve Povolny","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/d83e09f6a46193cbf6406c6f30ba3fde","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png","caption":"Steve Povolny"},"description":"Steve Povolny is the Head of Advanced Threat Research for McAfee Enterprise, which delivers groundbreaking vulnerability research spanning nearly every industry. With more than a decade of experience in network security, Steve is a recognized authority on hardware and software vulnerabilities, and regularly collaborates with influencers in academia, government, law enforcement, consumers and enterprise businesses of all sizes. Steve is a sought after public speaker and media commentator who often blogs on key topics. He brings his passion for threat research and a unique vision to harness the power of collaboration between the research community and product vendors, through responsible disclosure, for the benefit of all.","sameAs":["https:\/\/www.linkedin.com\/in\/steve-povolny-595a776\/","https:\/\/x.com\/spovolny"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/steve-povolny\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/107724","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/1004"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=107724"}],"version-history":[{"count":1,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/107724\/revisions"}],"predecessor-version":[{"id":182779,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/107724\/revisions\/182779"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media\/95330"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=107724"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=107724"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=107724"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=107724"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}