PT-2020-1764 · Microsoft · Windows Server+3
Published: 2020-03-10 · Updated: 2026-01-15 · CVE-2020-0796
CVSS v3.1: 10 (Critical), vector AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Microsoft Server Message Block (SMB) version 3.1.1
Microsoft Windows 10 versions 1903 through 1909
Microsoft Windows Server (affected versions not specified)
Description
A remote code execution vulnerability exists in the way the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. It allows remote attackers to execute arbitrary code on the affected system. The vulnerability, also known as 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability' or 'SMBGhost', is considered wormable and affects version 3.1.1 of Microsoft's SMB file-sharing system.
Recommendations
For Microsoft Server Message Block (SMB) version 3.1.1: Disable SMB compression and block inbound and outbound SMB traffic (ports 137, 139, 445) to avoid attacks.
For Microsoft Windows 10 versions 1903 through 1909: Apply the patch released by Microsoft to fix the issue.
For Microsoft Windows Server: Apply the patch released by Microsoft to fix the issue, or follow the same mitigation measures as for SMB version 3.1.1 if a patch is not available.
Exploit · Fix · RCE · Buffer Overflow
Affected Products
Server Message Block
Windows
Windows 10
Windows Server