CVE-2020-0796 — CRITICAL (10.0)

Vulnerability Description

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

CVSS Score

10.0

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Microsoft	Windows 10 1903	-
Microsoft	Windows 10 1909	-
Microsoft	Windows Server 1903	-
Microsoft	Windows Server 1909	-

Related Weaknesses (CWE)

CWE-119

References

http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-WindowThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-CExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-LocalThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.htExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-CoThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Third Party AdvisoryVDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796PatchVendor Advisory
http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-WindowThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-CExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-LocalThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.htExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-CoThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Third Party AdvisoryVDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796PatchVendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-US Government Resource

FAQ

What is CVE-2020-0796?

CVE-2020-0796 is a vulnerability with a CVSS score of 10.0 (CRITICAL). A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution ...

How severe is CVE-2020-0796?

CVE-2020-0796 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2020-0796?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 10 1903, Microsoft Windows 10 1909, Microsoft Windows Server 1903, Microsoft Windows Server 1909.