Important March 12, 2020 - Microsoft has released CVE-2020-0796 | Windows SMBv3 Client/Server Remote Code Execution Vulnerability to address this vulnerability. For more information about this issue, including download links for an available security update, please review CVE-2020-0796 . Microsoft is aware of a remote code execution vulnerability in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target SMB Server or SMB Client. To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server. To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it. We will update this advisory when updates are available. If you wish to be notified when this advisory is updated, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications .

No EPSS score available for this CVE.

Microsoft Platform Security Assurance & Vulnerability Research