Attacker Value
Very Low
(1 user assessed)
Exploitability
Very Low
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

SMBv2 Symlink to Local File Vulnerability

Last updated February 13, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

SMBv2 supports symlinks on remote file systems by returning a special status code (STATUS_STOPPED_ON_SYMLINK) when a symlink is encountered on the remote share. It also returns a symlink reparse data buffer to be processed to determine where to redirect the request. While this is supported functionality by default Windows 7+ is configured to not follow symlinks from a server. This includes remote->remote and remote->local, presumably for security reasons. The verification of the remote->local or remote->remote is done within the object manager during a reparse operation.

Add Assessment

1
Ratings
  • Attacker Value
    Very Low
  • Exploitability
    Very Low
Technical Analysis

Vendor reason for not patching immediately: Attacker requires too much control in advance.

General Information

Additional Info

Technical Analysis