{"containers": {"cna": {"affected": [{"product": "Windows 10 Version 1903 for 32-bit Systems", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Windows 10 Version 1903 for x64-based Systems", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Windows 10 Version 1903 for ARM64-based Systems", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Windows Server, version 1903 (Server Core installation)", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Windows 10 Version 1909 for 32-bit Systems", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Windows 10 Version 1909 for x64-based Systems", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Windows 10 Version 1909 for ARM64-based Systems", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Windows Server, version 1909 (Server Core installation)", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'."}], "problemTypes": [{"descriptions": [{"description": "Remote Code Execution", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-11T18:06:05.000Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2020-0796", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Windows 10 Version 1903 for 32-bit Systems", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Windows 10 Version 1903 for x64-based Systems", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Windows 10 Version 1903 for ARM64-based Systems", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Windows Server, version 1903 (Server Core installation)", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Windows 10 Version 1909 for 32-bit Systems", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Windows 10 Version 1909 for x64-based Systems", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Windows 10 Version 1909 for ARM64-based Systems", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Windows Server, version 1909 (Server Core installation)", "version": {"version_data": [{"version_value": ""}]}}]}, "vendor_name": "Microsoft"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Remote Code Execution"}]}]}, "references": {"reference_data": [{"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796"}, {"name": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html"}, {"name": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html"}, {"name": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html"}, {"name": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html"}, {"name": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html"}, {"name": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:18:01.914Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html"}]}, {"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2020-0796", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-04T15:32:19.594287Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-02-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0796"}}}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0796", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "timeline": [{"time": "2022-02-10T00:00:00+00:00", "lang": "en", "value": "CVE-2020-0796 added to CISA KEV"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-21T23:35:48.625Z"}}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2020-0796", "datePublished": "2020-03-12T15:48:18.000Z", "dateReserved": "2019-11-04T00:00:00.000Z", "dateUpdated": "2025-10-21T23:35:48.625Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:18:01.914Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2020-0796", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-04T15:32:19.594287Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-02-10", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-0796"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T15:32:42.576Z"}}], "cna": {"affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 1903 for 32-bit Systems", "versions": [{"status": "affected", "version": "unspecified"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1903 for x64-based Systems", "versions": [{"status": "affected", "version": "unspecified"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1903 for ARM64-based Systems", "versions": [{"status": "affected", "version": "unspecified"}]}, {"vendor": "Microsoft", "product": "Windows Server, version 1903 (Server Core installation)", "versions": [{"status": "affected", "version": "unspecified"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1909 for 32-bit Systems", "versions": [{"status": "affected", "version": "unspecified"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1909 for x64-based Systems", "versions": [{"status": "affected", "version": "unspecified"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1909 for ARM64-based Systems", "versions": [{"status": "affected", "version": "unspecified"}]}, {"vendor": "Microsoft", "product": "Windows Server, version 1909 (Server Core installation)", "versions": [{"status": "affected", "version": "unspecified"}]}], "references": [{"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796", "tags": ["x_refsource_MISC"]}, {"url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html", "tags": ["x_refsource_MISC"]}, {"url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html", "tags": ["x_refsource_MISC"]}, {"url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html", "tags": ["x_refsource_MISC"]}, {"url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html", "tags": ["x_refsource_MISC"]}, {"url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html", "tags": ["x_refsource_MISC"]}, {"url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Remote Code Execution"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2020-06-11T18:06:05.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": ""}]}, "product_name": "Windows 10 Version 1903 for 32-bit Systems"}, {"version": {"version_data": [{"version_value": ""}]}, "product_name": "Windows 10 Version 1903 for x64-based Systems"}, {"version": {"version_data": [{"version_value": ""}]}, "product_name": "Windows 10 Version 1903 for ARM64-based Systems"}, {"version": {"version_data": [{"version_value": ""}]}, "product_name": "Windows Server, version 1903 (Server Core installation)"}, {"version": {"version_data": [{"version_value": ""}]}, "product_name": "Windows 10 Version 1909 for 32-bit Systems"}, {"version": {"version_data": [{"version_value": ""}]}, "product_name": "Windows 10 Version 1909 for x64-based Systems"}, {"version": {"version_data": [{"version_value": ""}]}, "product_name": "Windows 10 Version 1909 for ARM64-based Systems"}, {"version": {"version_data": [{"version_value": ""}]}, "product_name": "Windows Server, version 1909 (Server Core installation)"}]}, "vendor_name": "Microsoft"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796", "refsource": "MISC"}, {"url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html", "name": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html", "refsource": "MISC"}, {"url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html", "name": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html", "refsource": "MISC"}, {"url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html", "name": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html", "refsource": "MISC"}, {"url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html", "name": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html", "refsource": "MISC"}, {"url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html", "name": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html", "refsource": "MISC"}, {"url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html", "name": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Remote Code Execution"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-0796", "STATE": "PUBLIC", "ASSIGNER": "secure@microsoft.com"}}}}, "cveMetadata": {"cveId": "CVE-2020-0796", "state": "PUBLISHED", "dateUpdated": "2025-02-04T15:33:35.076Z", "dateReserved": "2019-11-04T00:00:00.000Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2020-03-12T15:48:18.000Z", "assignerShortName": "microsoft"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-08-10", "cisaExploitAdd": "2022-02-10", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Microsoft SMBv3 Remote Code Execution Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:*", "matchCriteriaId": "9E1ED169-6F03-4BD5-B227-5FA54DB40AD7", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x64:*", "matchCriteriaId": "5C5B5180-1E12-45C2-8275-B9E528955307", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x86:*", "matchCriteriaId": "B6A0DB01-49CB-4445-AFE8-57C2186857BA", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:arm64:*", "matchCriteriaId": "9285A9B5-4759-43E7-9589-CDBCA7100605", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x64:*", "matchCriteriaId": "0D77EA14-F61D-4B9E-A385-70B88C482116", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x86:*", "matchCriteriaId": "1A6FC9EE-D486-4AFE-A20E-4278468A1779", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:x64:*", "matchCriteriaId": "FFE3495D-291C-46B6-B758-23E16A53A7C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_1909:-:*:*:*:*:*:x64:*", "matchCriteriaId": "11E7F8F0-4FA8-4AA6-92A5-860E77AC933D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'."}, {"lang": "es", "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en la manera en que el protocolo Microsoft Server Message Block (SMBv3) versi\u00f3n 3.1.1, maneja determinadas peticiones, tambi\u00e9n se conoce como ''Windows SMBv3 Client/Server Remote Code Execution Vulnerability\"."}], "id": "CVE-2020-0796", "lastModified": "2025-10-29T14:27:11.213", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2020-03-12T16:15:15.627", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html"}, {"source": "secure@microsoft.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html"}, {"source": "secure@microsoft.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/156731/CoronaBlue-SMBGhost-Microsoft-Windows-10-SMB-3.1.1-Proof-Of-Concept.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/156980/Microsoft-Windows-10-SMB-3.1.1-Local-Privilege-Escalation.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/157901/Microsoft-Windows-SMBGhost-Remote-Code-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/158054/SMBleed-SMBGhost-Pre-Authentication-Remote-Code-Execution-Proof-Of-Concept.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["US Government Resource"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0796"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}