Severity Rating: High

Systems Affected

·        Windows 10 Version 1903 for 32-bit Systems

·        Windows 10 Version 1903 for ARM64-based Systems

·        Windows 10 Version 1903 for x64-based Systems

·        Windows 10 Version 1909 for 32-bit Systems

·        Windows 10 Version 1909 for ARM64-based Systems

·        Windows 10 Version 1909 for x64-based Systems

·        Windows 10 Version 2004 for 32-bit Systems

·        Windows 10 Version 2004 for ARM64-based Systems

·        Windows 10 Version 2004 for x64-based Systems

·        Windows Server, version 1903 (Server Core installation)

·        Windows Server, version 1909 (Server Core installation)

·        Windows Server, version 2004 (Server Core installation)

Overview

A vulnerability has been reported in Microsoft Server Message Block Server

that could allow a remote attacker to access sensitive information on the

targeted system. 

Description

This vulnerability exists in the way that the Microsoft Server Message

Block 3.1.1 (SMBv3) protocol handles certain requests. A remote attacker

could exploit this vulnerability by sending a specially crafted packet to a

targeted SMBv3 server. Successful exploitation of this vulnerability could

allow the attacker to access sensitive information on the targeted system.

Note:

This vulnerability exists in the same function as with SMBGhost

(CVE-2020-0796, CIVN-2020-0048) vulnerability.

Solution

Apply appropriate software updates as mentioned in the Microsoft advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1206

Vendor Information

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1206

References

Zecops

https://blog.zecops.com/vulnerabilities/smbleedingghost-writeup-chaining-sm

bleed-cve-2020-1206-with-smbghost/

Tenable

https://www.tenable.com/cve/CVE-2020-1206

CVE Name

CVE-2020-1206