Windows SMBv3 RCE Threat Intel Advisory

CloudSEK Threat Intelligence Advisory on Windows SMBv3 RCE, tracked as CVE-2020-0796, rated as critical with a CVSS score of 9.0.
Updated on
February 27, 2023
Published on
October 5, 2020
Read time
Subscribe to the latest industry news, technologies and resources.
A remote code execution vulnerability, tracked as CVE-2020-0796, exists in Microsoft’s implementation of SMBv3 [Server Message Block] protocol. SMB is the backbone protocol used for file sharing in the network. If file sharing is enabled on a computer, that means shares are accessed over the network via SMB. This vulnerability is in version 3.1.1 of the SMB protocol which is only present in 32-bit and 64-bit Windows 10 version 1903 and 1909 for desktops and servers. The vulnerability stems from improper handling of requests by the protocol implementation, which allows an attacker to execute code on the target server or client.[/vc_wp_text][vc_wp_text]

Impact Analysis 

  • SMB attacks are very critical as such offensives let attackers gain access to the target computer.
  • Lateral movement and pivoting can then be used to further the attack deep into internal networks of the organization.
  • Can lead to Domain takeover, compromising all of the users of a specific domain. 
  • Various exploit kits in the wild have been reported  using SMB related zero day vulnerabilities in the past to carry out various ransomware/ data breach campaigns.
  • Companies can fall victim to ransomware and data breach.
  • Loss of reputation, goodwill and revenue.
  • Battling lawsuits from clients in the face of a cyber security breach.
  • Liable to pay hefty fines from compliance bodies.


Vendor specific patch installation is mandatory:

Get Global Threat Intelligence on Real Time

Protect your business from cyber threats with real-time global threat intelligence data.. 30-day free and No Commitment Trial.
Schedule a Demo
Real time Threat Intelligence Data
More information and context about Underground Chatter
On-Demand Research Services
Related Intelligence Posts
No items found.