Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-1301: Windows SMB Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2020-1301: Windows SMB Remote Code Execution Vulnerability

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

06/09/2020

Created

06/10/2020

Added

06/09/2020

Modified

11/18/2021

Description

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most situations, an authenticated attacker could send a specially crafted packet to a targeted SMBv1 server. The security update addresses the vulnerability by correcting how SMBv1 handles these specially crafted requests.

Solution(s)

msft-kb4557957-1d389709-3ebf-466c-9ae0-56356b3c6882
msft-kb4557957-abd03b60-058d-4d8e-92d8-350e56c295ad
msft-kb4557957-f18232ec-32dc-4501-9fc5-4a1f742f5b8b
msft-kb4560960-146e8d80-9400-4544-91a3-2c0ba3090008
msft-kb4560960-35eeaed4-c0c0-436f-a584-b58f31a89642
msft-kb4560960-84317d28-cfd1-423f-b595-42a0edfea424
msft-kb4560960-9d36f751-6a0e-462b-84bb-be43f3adeaba
msft-kb4560960-ad75f2bc-0622-4a84-a93d-bb94fe8cff13
msft-kb4560960-b30320db-3a33-48db-96e4-59386e6c5969
msft-kb4561602-0c094dcc-a16d-4601-834f-14456da2b4cd
msft-kb4561602-255a73f8-063c-48e7-b8f2-2a155d548e39
msft-kb4561608-45035942-d1b4-4c61-a5b4-863ec61192aa
msft-kb4561608-be65554b-cb1d-4c12-b469-e29881c33274
msft-kb4561608-d3f9ac63-dde5-4cda-ac6e-9c0677f2f3cc
msft-kb4561616-487ca926-f748-441e-ac4c-dd2a67adb5ce
msft-kb4561616-78260c1b-e230-4510-9201-07a392832acd
msft-kb4561616-c51c3c33-556f-496c-8d18-3dd0359df167
msft-kb4561621-98966738-ca71-4887-931e-a6acb9e707b6
msft-kb4561621-bdd672a3-c965-4b65-b6f9-75584e19299b
msft-kb4561645-33a84b60-aa68-459f-8c82-b0ec0e7603d0
msft-kb4561645-9405168a-4c68-4bfb-83ca-a15f4c9c374e
msft-kb4561649-07a6cd1b-c479-4166-8b4a-7a2b69658953
msft-kb4561649-d7b5dcea-79e1-44c3-b871-1ed6accb36c6
msft-kb4561669-213200ca-9575-4f35-81e4-b19d61a9e4ba
msft-kb4561669-5a0005ba-6430-4407-934f-03a3a5f26345
msft-kb4561669-73f7aadb-bd02-4175-8265-f9bbaf0f22d2
msft-kb4561669-8705c735-cea8-4ab0-9f52-7a200a211a6d
msft-kb4561669-cac41ed7-f500-4c34-8f26-3fc87b9a9d49
msft-kb4561673-2abed83b-4909-457d-a57c-1850ed986c83
msft-kb4561673-5b32eb2c-d144-4006-92b4-f64fb7b90cca
msft-kb4561673-912dce3d-0621-4c74-91fe-e7a5f370435b
msft-kb4561674-033891fc-1d72-47e7-9c01-566ae179b26b
msft-kb4561674-c1923421-f9dc-483e-86b2-c54b003e1a4e
msft-kb4561674-e8efd911-36d9-486a-8584-1630576ce0db

References

https://attackerkb.com/topics/cve-2020-1301
CVE - 2020-1301
4557957
4560960
4561602
4561608
4561612
4561616
4561621
4561643
4561645
4561649
4561666
4561669
4561670
4561673
4561674

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-1301: Windows SMB Remote Code Execution Vulnerability

Microsoft CVE-2020-1301: Windows SMB Remote Code Execution Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.