Security News > 2020 > June > 'SMBleed' Vulnerability Impacts Windows SMB Protocol

'SMBleed' Vulnerability Impacts Windows SMB Protocol
2020-06-10 17:46

One of the vulnerabilities that Microsoft addressed on June 2020 Patch Tuesday is a Server Message Block protocol bug that could allow an attacker to leak kernel memory remotely, without authentication.

Called SMBleed and tracked as CVE-2020-1206, the vulnerability could be chained with SMBGhost, a flaw addressed in March 2020, to achieve pre-authentication remote code execution, security researchers with ZecOps reveal.

The same as SMBGhost, SMBleed is an issue that resides in the compression mechanism of SMBv3.

"To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it," Microsoft notes in an advisory.

The researchers note that users can remediate both SMBleed and SMBGhost by blocking TCP port 445, by enforcing host isolation, and by disabling SMB 3.1.1 compression.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/3vxez7S26Aw/smbleed-vulnerability-impacts-windows-smb-protocol

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-06-09 CVE-2020-1206 Use of Uninitialized Resource vulnerability in Microsoft Windows 10 and Windows Server 2016
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'.
network
low complexity
microsoft CWE-908
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Protocol 12 0 1 15 1 17