“A critical 0-click remote authentication bypass vulnerability in Microsoft Telnet Server allows attackers to gain access as any user, including Administrator, without requiring valid credentials,” according to security researchers who analyzed the vulnerability. Security operations teams are advised to audit their environments for any running Telnet Server services, particularly on legacy Windows systems, and take immediate action to mitigate this vulnerability. A critical vulnerability in Microsoft Telnet Server enables attackers to bypass authentication completely, potentially gaining administrator access without valid credentials. The critical flaw, discovered by a security researcher with Handle Hacker Fantastic, exploits a misconfiguration in the NTLM Authentication processes of the Telnet MS-TNAP (Microsoft Telnet Authentication Protocol) extension. Example of 1-click Telnet client exploit, MS-TNAP will automatically send credentials to hosts in Intranet or Trusted zones, earlier MSIE does not prompt when launching telnet.exe making it 1-click only on legacy hosts & 1-click 1-prompt on latest hosts. This vulnerability highlights the ongoing security challenges faced by organizations running legacy systems past their support lifecycle.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 06 May 2025 02:15:09 +0000