Microsoft SMBv3 compression remote code execution vulnerability

🗓️ 11 Mar 2020 00:00:00Reported by CERTType

Microsoft SMBv3 compression remote code execution vulnerability. Vulnerability allows remote unauthenticated code execution. Apply update for CVE-2020-0796 or disable SMBv3 compression to mitigate. Consider blocking inbound and outbound SMB connections

Reporter	Title	Published	Views	Family All 206
Gitee	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft	8 Dec 202020:37	–	gitee
Gitee	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft	6 May 202015:20	–	gitee
Gitee	Exploit for CVE-2013-0422	20 Dec 202018:43	–	gitee
Gitee	Exploit for CVE-2013-0422	5 Aug 202014:46	–	gitee
Gitee	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft	6 Jul 202114:08	–	gitee
Gitee	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft	15 Nov 202122:01	–	gitee
Gitee	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft	4 Jun 202023:09	–	gitee
Gitee	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft	4 Jun 202010:07	–	gitee
Gitee	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft	20 Apr 202110:15	–	gitee
Gitee	Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft	11 Mar 202117:57	–	gitee

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200005

04 Jun 2020 21:26Current

9.1High risk

Vulners AI Score9.1

CVSS 27.5

CVSS 3.110

EPSS0.94424

SSVC