Microsoft Windows SMB Shares Unprivileged Access


Posted by Peter Bassill on 29/07/2019


Hedgehog Summary



This vulnerability will allow an attacker on a connected network to view any of the files contained within the file share. In some circumstances, it may be possible to add new files and modify existing files within the file share.



Adding New Files:




  • Supports internally based phishing attacks
  • Distributes malware or other malicious code within a network




Modifying Existing Files:




  • Performing an integrity-based attack on documents, common with financial records
  • Hiding activities where log files can be modified




Nessus Summary



Nessus ID: 42411



CVSS v2.0 Base Score: 7.5



Nessus Description:



The remote has one or more Windows shares that can be accessed through the network with the given credentials. Depending on the share rights, it may allow an attacker to read/write confidential data.



How to fix



To restrict access under Windows, open Explorer, right-click each share, go to the 'sharing' tab, and click on 'permissions'.
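
On a server with many shares, the same permissions review can be scripted. The following PowerShell is an added example, not part of the original advisory or of Nessus: it lists every non-administrative share whose share-level permissions allow a broad built-in group. It assumes the SmbShare module (Windows 8 / Server 2012 or later) and an elevated session; the function names and the share name in the final comment are hypothetical.

```powershell
# Added example: audit share-level permissions on the local server.
# Broad groups are matched by well-known SID so the check also works
# on non-English systems where the group names are localised.
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-7'      = 'Anonymous Logon'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-32-546' = 'BUILTIN\Guests'
}

function Resolve-AccountSid {
    # Hypothetical helper: translate an account name to its SID string.
    param([string]$AccountName)
    try {
        ([System.Security.Principal.NTAccount]$AccountName).Translate(
            [System.Security.Principal.SecurityIdentifier]).Value
    } catch {
        $null   # account could not be resolved (e.g. orphaned entry)
    }
}

function Get-BroadShareAccess {
    # -Special $false skips administrative shares such as C$, ADMIN$ and IPC$.
    Get-SmbShare -Special $false | ForEach-Object {
        $share = $_
        Get-SmbShareAccess -Name $share.Name |
            Where-Object { $_.AccessControlType -eq 'Allow' } |
            ForEach-Object {
                $sid = Resolve-AccountSid $_.AccountName
                if ($sid -and $BroadSids.ContainsKey($sid)) {
                    [pscustomobject]@{
                        Share   = $share.Name
                        Path    = $share.Path
                        Account = $_.AccountName
                        Right   = $_.AccessRight   # Read, Change or Full
                    }
                }
            }
    }
}

Get-BroadShareAccess | Sort-Object Share, Account | Format-Table -AutoSize

# After review, remove an unwanted grant (names below are placeholders):
# Revoke-SmbShareAccess -Name 'ExampleShare' -AccountName 'Everyone' -Force
```

Share-level permissions combine with the NTFS permissions on the underlying folder, and the more restrictive of the two applies, so rows reported with Change or Full rights are the ones to check first against the folder's ACL.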



Further Information




https://nvd.nist.gov/vuln/detail/CVE-1999-0519
https://nvd.nist.gov/vuln/detail/CVE-1999-0520
https://vulners.com/osvdb/OSVDB:299
https://www.tenable.com/plugins/nessus/26920

