Intrusion.Win.CVE-2020-0796

Class Intrusion
Platform Win
Description

This attack is based on exploiting the CVE-2020-0796 SMBv3 vulnerability of the SMBv3 protocol in Microsoft Windows operating systems. The attacker can use this vulnerability to run arbitrary code on SMB servers and SMB clients. To attack the server, one sends a specially created package to it. As for the client, attackers have to configure a malicious SMBv3 server and persuade a user to connect to it.