Security News > 2020 > June > PoC RCE exploit for SMBGhost Windows flaw released
A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions.
The PoC exploit is unreliable, but could be used by malicious attackers as a starting point for creating a more effective exploit.
SMBGhost has the potential to fuel attacks like the ones that brought us WannaCry and NotPetya, though more limited since those exploited a vulnerability in SMBv1 and SMBGhost is found in SMBv3.
Some security companies and researchers have created limited PoC exploits for SMBGhost, but have refrained from publishing them until the security updates fixing the flaw are more widely deployed.
Some attackers have been exploiting the flaw for local privilege escalation, but there is no indication that the flaw is being exploited for achieving remote code execution.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/jdxr1xIQQMo/
Related news
- LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers (source)
- Mitel 0-day, 5-year-old Oracle RCE bug under active exploit (source)
- Security pros baited with fake Windows LDAP exploit traps (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Cisco warns of denial of service flaw with PoC exploit code (source)
- Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)