Vulnerability in the Windows Network File System


The vulnerability mentioned in CVE-2020-17051, published during the November 2020 Patch Tuesday, is rated CVSS 9.8 and allows a remote attacker to execute arbitrary code on a victim’s system. NFS is commonly used in heterogeneous Windows, Linux, and Unix environments for file sharing purposes. The vulnerability originates from the nfssvr.sys file, which can lead to the Blue Screen of Death if successfully exploited. The important point is that combining this vulnerability with another vulnerability numbered CVE-2020-17056 which originates from the same nfssvr.sys file allows the attacker to bypass ASLR (address space layout randomization), this increases The significant possibility of abuse and also bypassing the solutions to prevent this vulnerability requires.

A remote attacker with one of the following accesses can exploit this vulnerability.

  1. Authentic attacker can write access to NFS share.
  2. The NFS share is configured to grant Write access to anonymous users.

Vulnerable versions

All versions of Windows are susceptible to this vulnerability.

solution

The security patch for this vulnerability has been released. You can download the relevant patch according to the version used from the link below.

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17051

NewsUncategorized

NFSvulnerability

Leave a Reply

Your email address will not be published. Required fields are marked *