A proof-of-concept remote code execution (RCE) exploit for the Windows 10 CVE-2020-0796 'wormable' pre-auth remote code execution vulnerability was developed and demoed today by researchers at Ricerca Security.
The security vulnerability, also known as SMBGhost, was found in the Microsoft Server Message Block 3.1.1 (SMBv3) network communication protocol and it only impacts systems running Windows 10, version 1903 and 1909, as well as Server Core installations of Windows Server, versions 1903 and 1909.
Some information on SMBGhost was
leaked during last month's Patch Tuesday after being accidentally published by a number of security vendors part of Microsoft Active Protections Program despite Microsoft's decision to hold on to the info and not issuing a security advisory.
"An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client," Microsoft
explains.
.. ...