Microsoft SMBv3 Remote Code Execution Vulnerability

Added Feb. 10, 2022 • Due Aug. 10, 2022 • CVE-2020-0796

Overdue Microsoft / SMBv3 Known Ransomware Use CWE-119

Description

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.

Required Action

Apply updates per vendor instructions.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-0796

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 9 months, 3 weeks ago