Microsoft Windows SMB Shares Unprivileged Access


This vulnerability will allow an attacker on a connected network to view any of the files contained within the file share. In some circumstances, it may be possible to add new files and modify existing files within the file share.

Microsoft Windows SMB Shares Unprivileged Access

Posted on 2019-07-29 by Peter Bassill in category News.


Guides   Remediation   SMB   Windows  


This vulnerability will allow an attacker on a connected network to view any of the files contained within the file share. In some circumstances, it may be possible to add new files and modify existing files within the file share.

Adding New Files:

* Supports internally based phishing attack
* Distributes malware or other malicious code with a network


Modifying Existing Files:

* Performing an integrity based attack on documents, common with financial records
* Hiding activities where log files can be modified


Nessus Summary
Nessus ID: 42411

CVSS v2.0 Base Score: 7.5

Nessus Description:

The remote has one or more Windows shares that can be accessed through the network with the given credentials.

Depending on the share rights, it may allow an attacker to read/write confidential data.

How to fix
To restrict access under Windows, open Explorer, do a right click on each share, go to the 'sharing' tab, and click on 'permissions'.

Further Information
https://nvd.nist.gov/vuln/detail/CVE-1999-0519
https://nvd.nist.gov/vuln/detail/CVE-1999-0520
https://vulners.com/osvdb/OSVDB:299
https://www.tenable.com/plugins/nessus/26920


Get in Touch

Kindly fill the form and we will get back to you.

Contact us if you are experiencing a Cyber IncidentHaving a Cyber Incident?