Main Vulnerability Database Exploits ID:9104 - Exploit for Input validation error in Windows and Windows Server - CVE-2020-0796

ID:9104 - Exploit for Input validation error in Windows and Windows Server - CVE-2020-0796

Published: June 14, 2023

Vulnerability identifier: #VU25980

Vulnerability risk: High

CVE-ID: CVE-2020-0796

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Windows
Windows Server

Link to public exploit:

https://github.com/Ajomix/CVE-2020-0796

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. A remote attacker can trick a client to connect to a malicious SMB server and execute arbitrary code on the system.

Remediation

Install update from vendor's website.

ID:9104 - Exploit for Input validation error in Windows and Windows Server - CVE-2020-0796

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human