CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Aug 10, 2022
Description
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.
EPSS — Exploit Probability
94.4%
Higher than 100.0% of all CVEs
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2020-0796
Risk Assessment
CRITICALIn CISA KEV
High EPSS
Ransomware
Details
- Severity
- High
- EPSS
- 94.4%
- CISA KEV
- Yes
- Ransomware
- Known
- Articles
- 0
Timeline
Published
Feb 10, 2022
Added to KEV
Feb 10, 2022
Remediation Due
Aug 10, 2022