KLA11693
ACE vulnerability in Microsoft Windows

Обновлено: 21/09/2023
Дата обнаружения
12/03/2020
Уровень угрозы
Critical
Описание

A remote code execution vulnerability in Windows SMBv3 Client/Server can be exploited remotely via specially crafted packet to execute arbitrary code.

Эксплуатация

This vulnerability can be exploited by the following malware:

https://threats.kaspersky.com/en/threat/Intrusion.Win.CVE-2020-0796/

Public exploits exist for this vulnerability.

Пораженные продукты

Windows 10 Version 1909 for 32-bit Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 1903 for 32-bit Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2020-0796
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Microsoft Windows
Microsoft Windows Server
Microsoft Windows 10
CVE-IDS
CVE-2020-07967.5Critical
KB list

4551762