CVE-2020-0796

Known Exploited (CISA KEV)CRITICAL

10.0

CVSS Severity Score

EPSS Score27.2930%

EPSS Percentile94.39th

Published2020年3月12日

Last Modified2025年10月29日

Vulnerability Description

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

All versions

References & Advisories

🔗 http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html

🔗 http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html

🔗 http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html

🔗 http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html

🔗 http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html

🔗 http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html

🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796

🔗 http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html

Vulnerability Description

Affected Platforms (CPE)

Windows 10 1903

Windows 10 1903

Windows 10 1903

Windows 10 1909

Windows 10 1909

Windows 10 1909

Windows Server 1903

Windows Server 1909

References & Advisories

相关漏洞威胁