Zerologon is a vulnerability in Microsoft's Netlogon Remote
Procedural Call (MS-NRPC) protocol. Specifically, this
vulnerability occurs due to an incorrect implementation of the
AES-128 Counter Feedback mode of operation. This vulnerability was
given a CVSS score of 10 by Microsoft and can be carried out by
anyone with a foothold in the network. This paper aims to explain
the detail and working of MS-NRPC protocol, its vulnerability, and
finally cover how to exploit it, something which the original paper
by Secura left out.
Read more https://packetstormsecurity.com/files/160823/Understanding_and_Exploiting_Zerologon.pdf