FKIE_CVE-2020-0796

Vulnerability from fkie_nvd - Published: 2020-03-12 16:15 - Updated: 2025-10-29 14:27
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
References
secure@microsoft.comhttp://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.htmlThird Party Advisory, VDB Entry
secure@microsoft.comhttp://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.htmlExploit, Third Party Advisory, VDB Entry
secure@microsoft.comhttp://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.htmlThird Party Advisory, VDB Entry
secure@microsoft.comhttp://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.htmlExploit, Third Party Advisory, VDB Entry
secure@microsoft.comhttp://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.htmlThird Party Advisory, VDB Entry
secure@microsoft.comhttp://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.htmlThird Party Advisory, VDB Entry
secure@microsoft.comhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796Patch, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0796US Government Resource
Impacted products
Vendor Product Version
microsoft windows_10_1903 -
microsoft windows_10_1903 -
microsoft windows_10_1903 -
microsoft windows_10_1909 -
microsoft windows_10_1909 -
microsoft windows_10_1909 -
microsoft windows_server_1903 -
microsoft windows_server_1909 -
To clipboard 

{
  "cisaActionDue": "2022-08-10",
  "cisaExploitAdd": "2022-02-10",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Microsoft SMBv3 Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:*",
              "matchCriteriaId": "9E1ED169-6F03-4BD5-B227-5FA54DB40AD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "5C5B5180-1E12-45C2-8275-B9E528955307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x86:*",
              "matchCriteriaId": "B6A0DB01-49CB-4445-AFE8-57C2186857BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:arm64:*",
              "matchCriteriaId": "9285A9B5-4759-43E7-9589-CDBCA7100605",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0D77EA14-F61D-4B9E-A385-70B88C482116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x86:*",
              "matchCriteriaId": "1A6FC9EE-D486-4AFE-A20E-4278468A1779",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "FFE3495D-291C-46B6-B758-23E16A53A7C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_1909:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "11E7F8F0-4FA8-4AA6-92A5-860E77AC933D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka \u0027Windows SMBv3 Client/Server Remote Code Execution Vulnerability\u0027."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en la manera en que el protocolo Microsoft Server Message Block (SMBv3) versi\u00f3n 3.1.1, maneja determinadas peticiones, tambi\u00e9n se conoce como \u0027\u0027Windows SMBv3 Client/Server Remote Code Execution Vulnerability\"."
    }
  ],
  "id": "CVE-2020-0796",
  "lastModified": "2025-10-29T14:27:11.213",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2020-03-12T16:15:15.627",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0796"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.