CVE-2020-0796

Known Exploited (CISA KEV)CRITICAL

10.0

CVSS Severity Score

EPSS Score27.2930%

EPSS Percentile94.39th

PublishedMar 12, 2020

Last ModifiedOct 29, 2025

Vulnerability Description

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

All versions

References & Advisories

🔗 http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html

🔗 http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html

🔗 http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html

🔗 http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html

🔗 http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html

🔗 http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html

🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796

🔗 http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html

Vulnerability Description

Affected Platforms (CPE)

Windows 10 1903

Windows 10 1903

Windows 10 1903

Windows 10 1909

Windows 10 1909

Windows 10 1909

Windows Server 1903

Windows Server 1909

References & Advisories

Related Vulnerabilities