Security News > 2020 > June > PoC RCE exploit for SMBGhost Windows flaw released
A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions.
The PoC exploit is unreliable, but could be used by malicious attackers as a starting point for creating a more effective exploit.
SMBGhost has the potential to fuel attacks like the ones that brought us WannaCry and NotPetya, though more limited since those exploited a vulnerability in SMBv1 and SMBGhost is found in SMBv3.
Some security companies and researchers have created limited PoC exploits for SMBGhost, but have refrained from publishing them until the security updates fixing the flaw are more widely deployed.
Some attackers have been exploiting the flaw for local privilege escalation, but there is no indication that the flaw is being exploited for achieving remote code execution.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/jdxr1xIQQMo/
Related news
- Hackers exploit Windows SmartScreen flaw to drop DarkGate malware (source)
- PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) (source)
- Exploit released for Fortinet RCE bug used in attacks, patch now (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) (source)