Thursday, December 5, 2024
HomeComputer SecurityMicrosoft Released Patches for Wormable Windows SMBv3 RCE Flaw - More than...

Microsoft Released Patches for Wormable Windows SMBv3 RCE Flaw – More than 48000 Hosts are Vulnerable

Published on

SIEM as a Service

Microsoft patched a critical Remote Code Execution Vulnerability with Windows SMBv3 Client/Server that allows an attacker to execute code remotely.

The flaw can be tracked as CVE-2020-0796 and the flaw impacts only Windows 10 Version and Windows Server Version 1903. It was leaked accidentally as part of the March 2020 Patch Tuesday update.

SMBv3 RCE Flaw

The vulnerability resides in the way that certain requests handled by Microsoft Server Message Block 3.1.1. An attacker exploiting the vulnerability can gain the ability to execute code on the target SMB Server or SMB Client.

- Advertisement - SIEM as a Service

Now the vulnerability patched by Microsoft, server administrators are recommended to apply the patches to protect the networks.

According to the scan run by Kryptos Logic more than 48000 vulnerable hosts were identified. Kryptos Logic also added that they have developed a basic PoC.

“To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it,” reads Microsoft document.

Microsoft also stated that the vulnerability was not yet exploited in the wild and the details not publically disclosed.

Affected versions

The vulnerability affects Windows 10 Version desktop version and the Windows Server Version 1903.

  • Windows 10 Version 1903 for 32-bit Systems
  • Windows 10 Version 1903 for x64-based Systems
  • Windows 10 Version 1903 for ARM64-based Systems
  • Windows Server, version 1903 (Server Core installation)
  • Windows 10 Version 1909 for 32-bit Systems
  • Windows 10 Version 1909 for x64-based Systems
  • Windows 10 Version 1909 for ARM64-based Systems
  • Windows Server, version 1909 (Server Core installation)
Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...

Fuji Electric Indonesia Hit by Ransomware Attack

Fuji Electric Indonesia has fallen victim to a ransomware attack, impacting its operations and...

Thinkware Cloud APK Vulnerability Allows Code Execution With Elevated Privileges

A critical vulnerability identified as CVE-2024–53614 has been discovered in the Thinkware Cloud APK...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Firefox 133.0 Released with Multiple Security Updates – What’s New!

Mozilla has officially launched Firefox 133.0, offering enhanced features, significant performance improvements, and critical...

Digital Wallets Bypassed To Allow Purchase With Stolen Cards

Digital wallets enable users to securely store their financial information on smart devices and...

Best SIEM Tools List For SOC Team – 2024

The Best SIEM tools for you will depend on your specific requirements, budget, and...