Microsoft has released out-of-band security updates to address a remote code execution vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). A remote attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources and apply the necessary updates or workarounds.
• Microsoft Security Guidance for CVE-2020-0796
• Microsoft Advisory ADV200005
• CERT Coordination Center’s Vulnerability Note VU#872016

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200005

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796

www.kb.cert.org/vuls/id/872016/

canvas 2

trellix 6

prion 1

threatpost 10

githubexploit 28

cisa 3

nessus 4

qualysblog 4

thn 4

kitploit 3

myhack58 1

exploitpack 2

packetstorm 2

metasploit 2

cisa_kev 1

cert 1

zdt 5

talosblog 1

checkpoint_advisories 1

akamaiblog 1

kaspersky 1

rapid7blog 3

attackerkb 4

carbonblack 1

cve 1

mscve 2

openvas 1

mskb 1

exploitdb 3

mmpc 3

mssecure 4

hivepro 1

krebs 2

securelist 2

avleonov 5

canvas

Immunity Canvas: SMBGHOST_LPE

2020-03-12 16:15:00

Immunity Canvas: SMBGHOST

2020-03-12 16:15:00

trellix

SMBGhost – Analysis of CVE-2020-0796

2020-03-12 00:00:00

SMBGhost – Analysis of CVE-2020-0796

2020-03-12 00:00:00

Securing Space 4.0 – One Small Step or a Giant Leap? - Part 1

2020-09-30 00:00:00

prion

Remote code execution

2020-03-12 16:15:00

threatpost

‘WannaCry Hero’ Avoids Jail Time in Kronos Malware Charges

2019-07-29 13:23:34

Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems

2020-10-28 20:36:09

2020-03-10 20:30:36

githubexploit

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

2020-11-20 09:00:08

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

2020-03-30 11:42:56

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

2020-04-22 09:10:15

cisa

Unpatched Microsoft Systems Vulnerable to CVE-2020-0796

2020-06-05 00:00:00

Microsoft Server Message Block RCE Vulnerability

2020-03-11 00:00:00

CISA Adds 15 Known Exploited Vulnerabilities to Catalog

2022-02-10 00:00:00

nessus

Microsoft Windows SMBv3 Compression RCE (ADV200005)(CVE-2020-0796)(Remote)

2020-03-11 00:00:00

Microsoft Windows SMBv3 Compression RCE (ADV200005)(CVE-2020-0796)(Remote)

2020-04-02 00:00:00

Microsoft Windows SMBv3 Compression RCE (ADV200005)(CVE-2020-0796)(Deprecated)

2020-03-11 00:00:00

qualysblog

Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)

2020-03-11 23:38:37

Automatically Discover, Prioritize and Remediate Microsoft SMBv3 RCE Vulnerability (CVE-2020-0796) using Qualys VMDR

2020-03-16 23:34:12

March 2020 Patch Tuesday – 115 Vulns, 26 Critical, Microsoft Word and Workstation Patches

2020-03-10 19:07:42

thn

Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed

2020-03-11 12:16:00

Critical Patch Released for 'Wormable' SMBv3 Vulnerability — Install It ASAP!

2020-03-12 14:30:00

SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol

2020-06-09 20:30:00

kitploit

CVE-2020-0796 - CVE-2020-0796 Pre-Auth POC

2020-03-31 00:47:00

CVE-2020-0796 - Windows SMBv3 LPE Exploit #SMBGhost

2020-03-31 00:50:00

dazzleUP - A Tool That Detects The Privilege Escalation Vulnerabilities Caused By Misconfigurations And Missing Updates In The Windows OS

2020-07-31 12:30:00

myhack58

Odd security letter issued to Microsoft a high-risk vulnerability warning Win10 as the main effect of the target-vulnerability warning-the black bar safety net

2020-03-14 00:00:00

exploitpack

Microsoft Windows 10 (19031909) - SMBGhost SMB3.1.1 SMB2_COMPRESSION_CAPABILITIES Local Privilege Escalation

2020-03-30 00:00:00

Microsoft Windows 10 (19031909) - SMBGhost SMB3.1.1 SMB2_COMPRESSION_CAPABILITIES Buffer Overflow (PoC)

2020-03-14 00:00:00

packetstorm

SMBv3 Compression Buffer Overflow

2020-04-06 00:00:00

Microsoft Windows SMB 3.1.1 Remote Code Execution

2020-03-15 00:00:00

metasploit

SMBv3 Compression Buffer Overflow

2020-04-02 21:22:00

SMBv3 Compression Buffer Overflow

2021-04-09 18:15:05

cisa_kev

Microsoft SMBv3 Remote Code Execution Vulnerability

2022-02-10 00:00:00

cert

Microsoft SMBv3 compression remote code execution vulnerability

2020-03-11 00:00:00

zdt

Microsoft Windows 10 (1903/1909) - (SMBGhost) SMB3.1.1 Local Privilege Escalation Exploit

2020-03-30 00:00:00

Microsoft Server Message Block 3.1.1 (SMBv3) Compression Buffer Overflow Exploit

2020-04-06 00:00:00

Microsoft Windows 10 (1903/1909) - SMBGhost SMB3.1.1 SMB2_COMPRESSION_CAPABILITIES Buffer Overflow

2020-03-15 00:00:00

talosblog

Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort coverage

2020-03-12 10:00:14

checkpoint_advisories

Microsoft Windows SMBv3 Remote Code Execution (CVE-2020-0796)

2020-03-11 00:00:00

akamaiblog

How To Protect Your Systems Against Critical SMB Vulnerabilities (CVE-2020-0796)

2020-03-17 20:12:00

kaspersky

KLA11693 ACE vulnerability in Microsoft Windows

2020-03-12 00:00:00

rapid7blog

NICER Protocol Deep Dive: Internet Exposure of SMB

2020-09-18 15:11:21

Metasploit Wrap-Up

2021-05-28 15:42:16

Trick or Treat! What We Can Learn from the Spookiest Vulnerabilities of the Year

2020-10-29 13:59:06

attackerkb

CVE-2020-0796 - SMBGhost

2020-03-12 00:00:00

CVE-2021-31166

2021-05-11 00:00:00

CVE-2020-1206 Windows SMBv3 Client/Server Information Disclosure Vulnerability

2020-06-09 00:00:00

carbonblack

Threat Analysis: CVE-2020-0796 – EternalDarkness (ghostSMB)

2020-03-17 14:14:25

cve

CVE-2020-0796

2020-03-12 16:15:00

mscve

Windows SMBv3 Client/Server Remote Code Execution Vulnerability

2020-03-12 07:00:00

Microsoft Guidance for Disabling SMBv3 Compression

2020-03-10 07:00:00

openvas

Microsoft Windows Server Message Block 3.1.1 RCE Vulnerability (KB4551762)

2020-03-12 00:00:00

mskb

March 12, 2020—KB4551762 (OS Builds 18362.720 and 18363.720) - EXPIRED

2020-03-12 07:00:00

exploitdb

Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Buffer Overflow (PoC)

2020-03-14 00:00:00

Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Local Privilege Escalation

2020-03-30 00:00:00

Microsoft Windows - 'SMBGhost' Remote Code Execution

2020-06-02 00:00:00

mmpc

Zerologon is now detected by Microsoft Defender for Identity

2020-11-30 17:00:20

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

2021-07-29 19:00:59

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure

2021-07-22 16:00:57

mssecure

Zerologon is now detected by Microsoft Defender for Identity

2020-11-30 17:00:20

Mitigating vulnerabilities in endpoint network stacks

2020-05-04 16:00:25

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

2021-07-29 19:00:59

hivepro

Vulnerabilities & Threats that Matter 08 – 14th Aug

2022-08-16 05:00:49

krebs

Microsoft Patch Tuesday, June 2020 Edition

2020-06-10 02:43:20

Microsoft Patch Tuesday, April 2020 Edition

2020-04-14 22:24:10

securelist

IT threat evolution Q2 2020. PC statistics

2020-09-03 10:30:23

IT threat evolution Q1 2020. Statistics

2020-05-20 10:00:43

avleonov

Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities

2022-08-23 00:00:26

Microsoft Patch Tuesday March 2020: a new record was set, SMBv3 “Wormable” RCE and updates for February goldies

2020-03-22 01:15:34

Microsoft Patch Tuesday April 2020: my classification script, confusing RCE in Adobe Type Manager and updates for older vulnerabilities

2020-04-26 01:24:38

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Related for CISA:2584F925B4D0F34C7EBE8E9D34FC72C7