CVE-2020-0796
Vulnerability from cvelistv5
Published
2020-03-12 15:48
Modified
2024-08-04 06:18
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
References
Impacted products
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-02-10
Due date: 2022-08-10
Required action: Apply updates per vendor instructions.
Used in ransomware: Known
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-0796
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T06:18:01.914Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Windows Server, version 1903 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Windows 10 Version 1909 for 32-bit Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Windows 10 Version 1909 for x64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Windows 10 Version 1909 for ARM64-based Systems", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Windows Server, version 1909 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka \u0027Windows SMBv3 Client/Server Remote Code Execution Vulnerability\u0027." } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-06-11T18:06:05", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2020-0796", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Windows 10 Version 1903 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Windows 10 Version 1903 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Windows 10 Version 1903 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Windows Server, version 1903 (Server Core installation)", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Windows 10 Version 1909 for 32-bit Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Windows 10 Version 1909 for x64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Windows 10 Version 1909 for ARM64-based Systems", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Windows Server, version 1909 (Server Core installation)", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka \u0027Windows SMBv3 Client/Server Remote Code Execution Vulnerability\u0027." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Remote Code Execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796" }, { "name": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html" }, { "name": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html" }, { "name": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html" }, { "name": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html" }, { "name": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html" }, { "name": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2020-0796", "datePublished": "2020-03-12T15:48:18", "dateReserved": "2019-11-04T00:00:00", "dateUpdated": "2024-08-04T06:18:01.914Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "cisa_known_exploited": { "cveID": "CVE-2020-0796", "cwes": "[\"CWE-119\"]", "dateAdded": "2022-02-10", "dueDate": "2022-08-10", "knownRansomwareCampaignUse": "Known", "notes": "https://nvd.nist.gov/vuln/detail/CVE-2020-0796", "product": "SMBv3", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.", "vendorProject": "Microsoft", "vulnerabilityName": "Microsoft SMBv3 Remote Code Execution Vulnerability" }, "nvd": "{\"cve\":{\"id\":\"CVE-2020-0796\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2020-03-12T16:15:15.627\",\"lastModified\":\"2022-04-22T19:02:46.300\",\"vulnStatus\":\"Analyzed\",\"cisaExploitAdd\":\"2022-02-10\",\"cisaActionDue\":\"2022-08-10\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Microsoft SMBv3 Remote Code Execution Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka \u0027Windows SMBv3 Client/Server Remote Code Execution Vulnerability\u0027.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en la manera en que el protocolo Microsoft Server Message Block (SMBv3) versi\u00f3n 3.1.1, maneja determinadas peticiones, tambi\u00e9n se conoce como \u0027\u0027Windows SMBv3 Client/Server Remote Code Execution Vulnerability\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9273B95-20ED-4547-B0A8-95AD15B30372\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B921FDB-8E7D-427E-82BE-4432585080CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C253A63F-03AB-41CB-A03A-B2674DEA98AA\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.