CVE-2020-0796
CVE-2020-0796
Em resumo
Uma falha crítica no protocolo SMBv3 do Windows (usado para compartilhamento de arquivos) permite que atacantes executem código malicioso remotamente em computadores vulneráveis sem precisar de permissões especiais. É particularmente perigosa porque SMBv3 é amplamente usado em redes e o ataque requer mínima interação.
Detalhe técnico
Vulnerabilidade de execução remota de código no protocolo SMBv3 (CWE-119: buffer overflow) acionada por requisições de rede especialmente criadas. Vetor de ataque é pela rede sem autenticação necessária; sistemas afetados processam automaticamente pacotes SMBv3 maliciosos que corrompem memória e resultam em execução de código arbitrário com privilégios do sistema.
Resumo gerado e traduzido por IA a partir da descrição oficial.
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
Microsoft · Windows 10 Version 1903 for 32-bit SystemsMicrosoft · Windows 10 Version 1903 for ARM64-based SystemsMicrosoft · Windows 10 Version 1903 for x64-based SystemsMicrosoft · Windows 10 Version 1909 for 32-bit SystemsMicrosoft · Windows 10 Version 1909 for ARM64-based SystemsMicrosoft · Windows 10 Version 1909 for x64-based SystemsMicrosoft · Windows Server, version 1903 (Server Core installation)Microsoft · Windows Server, version 1909 (Server Core installation)PoCs públicas encontradas — 97
githubgithub.com/danigargu/CVE-2020-0796★ 1357githubgithub.com/ly4k/SMBGhost★ 717githubgithub.com/jamf/CVE-2020-0796-RCE-POC★ 573githubgithub.com/Barriuso/SMBGhost_AutomateExploitation★ 347githubgithub.com/eerykitty/CVE-2020-0796-PoC★ 333githubgithub.com/jamf/CVE-2020-0796-LPE-POC★ 245githubgithub.com/Rvn0xsy/CVE_2020_0796_CNA★ 75githubgithub.com/rsmudge/CVE-2020-0796-BOF★ 70githubgithub.com/jiansiting/CVE-2020-0796★ 64githubgithub.com/ioncodes/SMBGhost★ 58githubgithub.com/k8gege/PyLadon★ 51githubgithub.com/jamf/SMBGhost-SMBleed-scanner★ 44githubgithub.com/eastmountyxz/CVE-2020-0796-SMB★ 33githubgithub.com/T13nn3s/CVE-2020-0796★ 28githubgithub.com/maxpl0it/Unauthenticated-CVE-2020-0796-PoC★ 22githubgithub.com/Almorabea/SMBGhost-LPE-Metasploit-Module★ 20githubgithub.com/gabimarti/SMBScanner★ 19githubgithub.com/0x25bit/CVE-2020-0796-PoC★ 19githubgithub.com/ButrintKomoni/cve-2020-0796★ 17githubgithub.com/f1tz/CVE-2020-0796-LPE-EXP★ 17githubgithub.com/GuoKerS/aioScan_CVE-2020-0796★ 15githubgithub.com/dickens88/cve-2020-0796-scanner★ 14githubgithub.com/joaozietolie/CVE-2020-0796-Checker★ 14githubgithub.com/w1ld3r/SMBGhost_Scanner★ 14githubgithub.com/thelostworldFree/CVE-2020-0796★ 11githubgithub.com/jiansiting/CVE-2020-0796-Scanner★ 9githubgithub.com/technion/DisableSMBCompression★ 9githubgithub.com/0xeb-bp/cve-2020-0796★ 7githubgithub.com/dungnm24/CVE-2020-0796★ 6githubgithub.com/vysecurity/CVE-2020-0796★ 5githubgithub.com/orangmuda/CVE-2020-0796★ 5githubgithub.com/tango-j/CVE-2020-0796★ 4githubgithub.com/wneessen/SMBCompScan★ 4githubgithub.com/sujitawake/smbghost★ 3githubgithub.com/exp-sky/CVE-2020-0796★ 3githubgithub.com/codewithpradhan/SMBGhost-CVE-2020-0796-★ 2githubgithub.com/Jagadeesh7532/-CVE-2020-0796-SMBGhost-Windows-10-SMBv3-Remote-Code-Execution-Vulnerability★ 2githubgithub.com/MasterSploit/LPE---CVE-2020-0796★ 2githubgithub.com/TinToSer/CVE-2020-0796-LPE★ 2githubgithub.com/Anonimo501/SMBGhost_CVE-2020-0796_checker★ 2githubgithub.com/laolisafe/CVE-2020-0796★ 2githubgithub.com/DannyRavi/nmap-scripts★ 2githubgithub.com/cory-zajicek/CVE-2020-0796-DoS★ 1githubgithub.com/awareseven/eternalghosttest★ 1githubgithub.com/Dhoomralochana/Scanners-for-CVE-2020-0796-Testing★ 1githubgithub.com/netscylla/SMBGhost★ 1githubgithub.com/BinaryShadow94/SMBv3.1.1-scan---CVE-2020-0796★ 1githubgithub.com/ran-sama/CVE-2020-0796★ 1githubgithub.com/julixsalas/CVE-2020-0796★ 1githubgithub.com/LabDookhtegan/CVE-2020-0796-EXP★ 1githubgithub.com/datntsec/CVE-2020-0796★ 1githubgithub.com/1stPeak/CVE-2020-0796-Scanner★ 1githubgithub.com/F6JO/CVE-2020-0796-Batch-scanning★ 1githubgithub.com/arzuozkan/CVE-2020-0796★ 1githubgithub.com/SEHandler/CVE-2020-0796★ 1githubgithub.com/OldDream666/cve-2020-0796★ 1githubgithub.com/AdamSonov/smbGhostCVE-2020-0796★ 1githubgithub.com/bsec404/CVE-2020-0796★ 1githubgithub.com/cybermads/CVE-2020-0796★ 1githubgithub.com/1060275195/SMBGhost★ 0githubgithub.com/Almorabea/SMBGhost-WorkaroundApplier★ 0githubgithub.com/UraSecTeam/smbee★ 0githubgithub.com/xax007/CVE-2020-0796-Scanner★ 0githubgithub.com/AaronCaiii/CVE-2020-0796-POC★ 0githubgithub.com/maqeel-git/CVE-2020-0796★ 0githubgithub.com/kn6869610/CVE-2020-0796★ 0githubgithub.com/esmwaSpyware/DoS-PoC-for-CVE-2020-0796-SMBGhost-★ 0githubgithub.com/tdevworks/CVE-2020-0796-SMBGhost-Exploit-Demo★ 0githubgithub.com/intelliroot-tech/cve-2020-0796-Scanner★ 0githubgithub.com/section-c/CVE-2020-0796★ 0githubgithub.com/bacth0san96/SMBGhostScanner★ 0githubgithub.com/halsten/CVE-2020-0796★ 0githubgithub.com/ysyyrps123/CVE-2020-0796★ 0githubgithub.com/ysyyrps123/CVE-2020-0796-exp★ 0githubgithub.com/tripledd/cve-2020-0796-vuln★ 0githubgithub.com/wsfengfan/CVE-2020-0796★ 0githubgithub.com/Opensitoo/cve-2020-0796★ 0githubgithub.com/Murasame-nc/CVE-2020-0796-LPE-POC★ 0githubgithub.com/lisinan988/CVE-2020-0796-exp★ 0githubgithub.com/vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-★ 0githubgithub.com/nyambiblaise/Microsoft-Windows-SMBGhost-Vulnerability-Checker---CVE-2020-0796---SMBv3-RCE★ 0githubgithub.com/thai1012/cve-2020-0796★ 0githubgithub.com/TweatherQ/CVE-2020-0796★ 0githubgithub.com/krizzz07/CVE-2020-0796★ 0githubgithub.com/Justjeff211/conti-ransomware-writeup★ 0githubgithub.com/hungdnvp/POC-CVE-2020-0796★ 0githubgithub.com/z3ena/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities★ 0githubgithub.com/monjheta/CVE-2020-0796★ 0cve_referencepacketstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.htmlnão verificadocve_referencepacketstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.htmlnão verificadocve_referencepacketstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/48267não verificadocve_referencepacketstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.htmlnão verificadocve_referencepacketstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.htmlnão verificadocve_referencepacketstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/48537não verificadoexploitdbwww.exploit-db.com/exploits/48216não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.htmlhttp://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.htmlhttp://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.htmlhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0796