Tom Tervoort
The Zerologon vulnerability (CVE-2020-1472) made use of an all-zero IV in the AES-CFB8 implementation used by Microsoft’s Netlogon authentication protocol allows an attacker to easily spoof credentials. An attacker can use this attack to change any Active Directory password and become Domain Admin.