header-logo
Suggest Exploit
vendor:
Windows 10 and Windows Server
by:
Daniel García Gutiérrez and Manuel Blanco Parajón
10.0
CVSS
CRITICAL
Local Privilege Escalation
119
CWE
Product Name: Windows 10 and Windows Server
Affected Version From: Windows 10 version 1903 and 1909, Windows Server version 1903 and 1909
Affected Version To: Windows Server version 2004
Patch Exists: YES
Related CWE: CVE-2020-0796
CPE: o:microsoft:windows_10::-:1903, cpe:/o:microsoft:windows_10::-:1909, cpe:/o:microsoft:windows_server_2019::-:1903, cpe:/o:microsoft:windows_server_2019::-:1909, cpe:/o:microsoft:windows_server_2020::-:2004
Metasploit: https://www.rapid7.com/db/vulnerabilities/msft-cve-2020-0796/
Other Scripts: N/A
Platforms Tested: Windows, Linux, Mac
2020

Windows SMBv3 LPE Exploit

CVE-2020-0796 is a vulnerability in the Microsoft Server Message Block 3.1.1 (SMBv3) protocol which can allow an unauthenticated attacker to execute arbitrary code on the target system. The vulnerability is caused by a memory corruption issue in the SMBv3 protocol, which can be triggered by sending a specially crafted packet to a targeted SMBv3 server. The vulnerability affects Windows 10 version 1903 and 1909, Windows Server version 1903 and 1909, and Windows Server version 2004.

Mitigation:

Microsoft has released a patch for this vulnerability. Users should update their systems to the latest version of Windows 10 or Windows Server.
Source

Exploit-DB raw data:

# CVE-2020-0796

Windows SMBv3 LPE Exploit

![exploit](https://user-images.githubusercontent.com/1675387/77913732-110d4f80-7295-11ea-9af6-f17201c66673.gif)

## Authors

  * Daniel García Gutiérrez ([@danigargu](https://twitter.com/danigargu))
  * Manuel Blanco Parajón ([@dialluvioso_](https://twitter.com/dialluvioso_))

## References

* https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
* https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html
* https://www.fortinet.com/blog/threat-research/cve-2020-0796-memory-corruption-vulnerability-in-windows-10-smb-server.html#.Xndfn0lv150.twitter
* https://www.mcafee.com/blogs/other-blogs/mcafee-labs/smbghost-analysis-of-cve-2020-0796/
* http://blogs.360.cn/post/CVE-2020-0796.html
* https://blog.zecops.com/vulnerabilities/vulnerability-reproduction-cve-2020-0796-poc/


Download ~ https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48267.zip

Navigation

Suggest Exploit

Services By CQR