V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsDocs
Back to catalog
CVE-2020-0796
MSR
Critical KEVConfirmedExploit available

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requ…

CVSS
10.0
Critical
EPSS
1.00
p99
Published
2020-01-01
Updated
2022-02-10
Description

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

Tags · CWE
KEVRCEPre-auth
CWE-119
CAPEC-8
CAPEC-9
CAPEC-10
CAPEC-14
CAPEC-24
CAPEC-42
CAPEC-44
CAPEC-45
CAPEC-46
CAPEC-47
CAPEC-100
CAPEC-123
Affected products
Windows_10_1903Windows_10_1909Windows_server_1903Windows_server_1909
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Timeline
2020-01-01
Published
2022-02-10
Added to KEV
2022-02-10
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: C
Changed (C)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.998 · p99
Known exploited (KEV)
Yes
Known exploits — Сканер-ВС
CVE-2020-0796
cisa · https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Enterprise
48216
exploitdb · https://www.exploit-db.com/exploits/48216
Enterprise
48267
exploitdb · https://www.exploit-db.com/exploits/48267
Enterprise
48537
exploitdb · https://www.exploit-db.com/exploits/48537
Enterprise
Affected software
ProductVendorStatus
windows_10_1903*Exploited
windows_10_1909*Exploited
windows_server_1903*Exploited
windows_server_1909*Exploited
WindowsMicrosoftExploited
Source databases
MSR
CVE
Related vulnerabilities
BDU:2020-01005