Security News > 2020 > June > 'SMBleed' Vulnerability Impacts Windows SMB Protocol
One of the vulnerabilities that Microsoft addressed on June 2020 Patch Tuesday is a Server Message Block protocol bug that could allow an attacker to leak kernel memory remotely, without authentication.
Called SMBleed and tracked as CVE-2020-1206, the vulnerability could be chained with SMBGhost, a flaw addressed in March 2020, to achieve pre-authentication remote code execution, security researchers with ZecOps reveal.
The same as SMBGhost, SMBleed is an issue that resides in the compression mechanism of SMBv3.
"To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it," Microsoft notes in an advisory.
The researchers note that users can remediate both SMBleed and SMBGhost by blocking TCP port 445, by enforcing host isolation, and by disabling SMB 3.1.1 compression.
News URL
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-09 | CVE-2020-1206 | Use of Uninitialized Resource vulnerability in Microsoft Windows 10 and Windows Server 2016 An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'. | 7.5 |