CVE-2020-0796

Windows SMBv3 LPE Exploit

Authors

• Daniel García Gutiérrez (@danigargu)
• Manuel Blanco Parajón (@dialluvioso_)

Exploit analysis

• POC Analysis by SungLin (Knownsec 404 Team)
• Writeup+PoC by @ZecOps

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
• https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html
• https://www.fortinet.com/blog/threat-research/cve-2020-0796-memory-corruption-vulnerability-in-windows-10-smb-server.html#.Xndfn0lv150.twitter
• https://www.mcafee.com/blogs/other-blogs/mcafee-labs/smbghost-analysis-of-cve-2020-0796/
• http://blogs.360.cn/post/CVE-2020-0796.html
• https://blog.zecops.com/vulnerabilities/vulnerability-reproduction-cve-2020-0796-poc/