CVE-2020-0956
De multiples vulnérabilités ont été corrigées dans <span class="textit">Microsoft Windows</span>. Elles permettent à un attaquant de provoquer une exécution de code à distance, un déni de service, une élévation de privilèges, une atteinte à la confidentialité des données et un contournement de la fonctionnalité de sécurité.
EPSS 0.28% · 51.4th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 10 Version 1903 for 32-bit Systems | unspecified |
| Microsoft | Windows 10 Version 1903 for ARM64-based Systems | unspecified |
| Microsoft | Windows 10 Version 1909 for ARM64-based Systems | * |
| Microsoft | Windows 10 Version 1909 for 32-bit Systems | unspecified |
| Microsoft | Windows | 10 Version 1709 for 32-bit Systems, 10 Version 1709 for x64-based Systems, 10 Version 1709 for ARM64-based Systems |
| Microsoft | Windows Server | 2012 (Core installation), version 1803 (Core Installation), 2019 |
| Microsoft | Windows Server, version 1903 (Server Core installation) | unspecified |
| Microsoft | Windows 10 Version 1903 for x64-based Systems | unspecified |
| Microsoft | Windows Server, version 1909 (Server Core installation) | unspecified |
| Microsoft | Windows 10 Version 1909 for x64-based Systems | * |
Exploit Intelligence
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0687 (circl)
- CVE-2020-0796.yara (github-yara)
- CVE-2020-0796.yara (github-yara)
- CVE-2020-0796.yara (github-yara)
- CVE-2020-0796.yara (github-yara)
- hacktool_fscan_strings.yar (github-yara)
- hacktool_fscan_strings.yar (github-yara)
- hacktool_fscan_strings.yar (github-yara)
- hacktool_fscan_strings.yar (github-yara)
- smb-protocols script modified to apply check for CVE-2020-0796 by psc4re. Adjusted for Nmap 7.92 by Photubias Attempts to list the supported protocols and dialects of a SMB server. Packet check based on https://github.com/ollypwn/SMBGhost/ The script attempts to initiate a connection using the dialects: * NT LM 0.12 (SMBv1) * 2.0.2 (SMBv2) * 2.1 (SMBv2) * 3.0 (SMBv3) * 3.0.2 (SMBv3) * 3.1.1 (SMBv3) Additionally if SMBv1 is found enabled, it will mark it as insecure. This script is the success... (nmap-nse)
…and 3 more exploits
Timeline
- Apr 15, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 8, 2021 PoC Published
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score