CVE-2020-0796

nvd nist nuclei

Published: Mar 12, 2020Modified: Oct 29, 2025CISA KEV

10.0

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 6.0

Source: NVD

Description

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

Affected (8)

Products: Microsoft: Windows 10 1903, Windows 10 1909, Windows Server 1903, Windows Server 1909

4 products

Windows 10 1903

Windows 10 1909

Windows Server 1903

Windows Server 1909

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 10 1903	All versions
Microsoft Windows 10 1903	All versions
Microsoft Windows 10 1903	All versions
Microsoft Windows 10 1909	All versions
Microsoft Windows 10 1909	All versions
Microsoft Windows 10 1909	All versions
Microsoft Windows Server 1903	All versions
Microsoft Windows Server 1909	All versions

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (15)

http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html

Source: secure@microsoft.com

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html

Source: secure@microsoft.com

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796

Source: secure@microsoft.com

PatchVendor Advisory

http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0796

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.