Network misconfigurations
VM instance with public access and open port 135 (RPC) and Windows operating system
Risk Level
Informational (4)
Platform(s)
Compliance Frameworks
- CCPA ,
- ISO/IEC 27001 ,
- Mitre ATT&CK v12 ,
- New Zealand Information Security Manual ,
- NIST 800-53 ,
- Orca Best Practices ,
- UK Cyber Essentials
Description
We have found that {GcpVmInstance} is publicly accessible and has port 135 (RPC) open. Access to this port could result in unauthorized access to the VM instance.-
Recommended Mitigation
Make sure that public access through port 135 (RPC) is restricted.