Researchers Published SMBGhost Privilege Escalation on Windows

Researchers have released proof-of-concept (PoC) exploits to show how local privilege escalation can take advantage of the Windows vulnerability tracked as SMBGhost and CV E-2020-0796.

Microsoft claims the bug patched in an out-of-band update on March 12 can be used on SMB clients and servers for remote code execution. The critical flaw of how SMB 3.1.1 manages such requests, which is described as “swordable,” affects the 1903 and 1909 release of Windows 10 and Windows Server.

Attacking SMB servers demands that the attacker send different packets to the network. The attacker has to convince the target user to connect to a compromised SMBv3 server for customers.

Researchers have developed tools to scan compromised servers and have released PoC exploits to achieve a DoS state. A PoC is not yet public for the remote code execution, but ZecOps has created and published a PoC showing that SMBGhost can be used to increase the privileges of Framework.

Researchers Daniel García Gutiérrez and Manuel Blanco Parajón also provided SMBGhost PoCs to improve SYSTEM’s privileges.

Researchers have released proof-of-concept (PoC) exploits to show how local privilege escalation can take advantage of the Windows vulnerability tracked as SMBGhost and CV E-2020-0796.

SMBGhost_LPE

Microsoft claims the bug patched in an out-of-band update on March 12 can be used on SMB clients and servers for remote code execution. The critical flaw of how SMB 3.1.1 manages such requests, which is described as “swordable,” affects the 1903 and 1909 release of Windows 10 and Windows Server.

SEE ALSO:
Black Kingdom/Pydomer Ransomware Operators Targeting the Exchange Server Vulnerabilities

Attacking SMB servers demands that the attacker send different packets to the network. The attacker has to convince the target user to connect to a compromised SMBv3 server for customers.

Researchers have developed tools to scan compromised servers and have released PoC exploits to achieve a DoS state. A PoC is not yet public for the remote code execution, but ZecOps has created and published a PoC showing that SMBGhost can be used to increase the privileges of Framework.

Researchers Daniel García Gutiérrez and Manuel Blanco Parajón also provided SMBGhost PoCs to improve SYSTEM’s privileges.

Leave a Reply
Previous Post
malware

FBI Warns of Ongoing Kwampirs Malicious Malware Attack Targeting Global Industries

Next Post
Wordpress

Major WordPress Plugin Bug Lets Hackers to Change Users Into Admins Access

Related Posts