Microsoft Windows SMB Shares Unprivileged Access

Microsoft Windows SMB Shares Unprivileged Access

Posted by Peter Bassill on 29/07/2019

Hedgehog Summary

This vulnerability will allow an attacker on a connected network to view any of the files contained within the file share. In some circumstances, it may be possible to add new files and modify existing files within the file share.

Adding New Files:

Supports internally based phishing attack
Distributes malware or other malicious code with a network

Modifying Existing Files:

Performing an integrity based attack on documents, common with financial records
Hiding activities where log files can be modified

Nessus Summary

Nessus ID: 42411

CVSS v2.0 Base Score: 7.5

Nessus Description:

The remote has one or more Windows shares that can be accessed through the network with the given credentials.Depending on the share rights, it may allow an attacker to read/write confidential data.

How to fix

To restrict access under Windows, open Explorer, do a right click on each share, go to the 'sharing' tab, and click on 'permissions'.

Further Information

Contact us

  • Worklab, Europort, Gibraltar

  • +350 540 73836