Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Microsoft Windows Server Message Block 3.1.1 RCE Vulnerability (KB4551762)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is missing a critical security update according to Microsoft KB4551762
Insight
Insight
The vulnerability is due to an error when the SMBv3 handles maliciously crafted compressed data packets. Both SMB Servers and clients are affected. To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server. While as to exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it.
Affected Software
Affected Software
SMB 3.1.1(SMBv3) on - Windows 10 Version 1903 for 32-bit/x64-based Systems - Windows 10 Version 1909 for 32-bit/x64-based Systems
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
The vendor has released updates. Please see the references for more information.