Multiple vulnerabilities in Microsoft Windows SMBv3 Client/Server
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2020-1206 CVE-2020-1284 |
| CWE-ID | CWE-200 CWE-20 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU28869
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-1206
CWE-ID:
CWE-200 - Information exposure
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the way Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests A remote attacker can send a specially crafted packet to a targeted SMBv3 server gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWindows: 10 1903 10.0.18362.116 - 10 2004 10.0.19041.264
Windows Server: 2019 1903 - 2019 2004
CPE2.3- cpe:2.3:o:microsoft:windows:10_1903:10.0.18362.116:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_1909:10.0.18363.476:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:10_2004:10.0.19041.264:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2019_2004:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1206
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Input validation error
EUVDB-ID: #VU28870
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-1284
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the way Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests.
To exploit the vulnerability against a server, an authenticated attacker can send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure malicious SMBv3 server and convince a user to connect to it.
Install updates from vendor's website.
Vulnerable software versionsWindows: 10 2004 10.0.19041.264
Windows Server: 2019 2004
CPE2.3https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1284
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
