Virsec Security Research Lab Vulnerability Analysis
The Virsec Security Research Lab provides detailed analysis on recent and notable security vulnerabilities.
Vulnerability Summary
In a network-based attack, an attacker with write access to a Windows NFS Server share could execute code remotely within the kernel. This vulnerability is wormable between machines hosting writable NFS shares. Microsoft’s documentation states that functional reproduction of the exploit of this vulnerability is possible.
Watch the video to learn more about this and other important vulnerabilities.
CVSS Score
The CVSS Base Score is 9.8 (Critical)
Affected Windows Versions
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows Server, version 2004 (Server Core installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows Server, version 20H2 (Server Core Installation)
Vulnerability Attribution
Soyeon Park - Microsoft Platform Security Assurance & Vulnerability Research
Risk Impact
The risk posed by this vulnerability is a high as it gets. An attacker can not only completely compromise the local Windows Server kernel but can also worm into adjacent servers. Public exploit is not available.
Virsec Security Platform (VSP) Support
The Virsec Security Platform (VSP)- NVD has not yet assigned a CWE to this vulnerability so it is hard to definitively state how the vulnerability can be protected. As we become aware of the details, we will update this section..
Reference Links
-
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17051
-
https://docs.microsoft.com/en-us/windows-server/storage/nfs/deploy-nfs
Download the full vulnerability report to learn more about this and other important vulnerabilities.
Jump to: List of CVE Vulnerabilities