CVE-2020-1301

high

Description

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.

References

Tenable Blogs
More

https://www.tenable.com/blog/smbleed-cve-2020-1206-and-smblost-cve-2020-1301-vulnerabilities-affect-microsoft-smbv3-and

https://www.tenable.com/blog/microsoft-s-june-2020-patch-tuesday-addresses-129-cves-including-newly-disclosed-smbv3

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1301

Details

Source: Mitre, NVD

Published: 2020-06-09

Updated: 2024-11-21

Named Vulnerability: SMBLost

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.59532

Detections

Analytics