Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS20_AUG_4578013_OOB.NASLHistoryAug 20, 2020 - 12:00 a.m.
KB4578013: Windows 8.1 and Windows Server 2012 R2 August 2020 Additional Security Update
2020-08-2000:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
142
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.7%
The remote Windows host is missing security update 4578013. It is, therefore, affected by multiple vulnerabilities :
-
An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.
(CVE-2020-1530) -
An elevation of privilege vulnerability exists when the Windows Remote Access improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.
(CVE-2020-1537)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#
include('compat.inc');
if (description)
{
script_id(139701);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/17");
script_cve_id("CVE-2020-1530", "CVE-2020-1537");
script_xref(name:"MSKB", value:"4578013");
script_xref(name:"MSFT", value:"MS20-4578013");
script_xref(name:"IAVA", value:"2020-A-0367-S");
script_xref(name:"CEA-ID", value:"CEA-2020-0101");
script_name(english:"KB4578013: Windows 8.1 and Windows Server 2012 R2 August 2020 Additional Security Update");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote Windows host is missing security update 4578013. It is, therefore, affected by multiple vulnerabilities :
- An elevation of privilege vulnerability exists when
Windows Remote Access improperly handles memory.
(CVE-2020-1530)
- An elevation of privilege vulnerability exists when the
Windows Remote Access improperly handles file
operations. An attacker who successfully exploited this
vulnerability could gain elevated privileges.
(CVE-2020-1537)");
script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/4578013");
script_set_attribute(attribute:"solution", value:
"Apply Security Update KB4578013.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-1537");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/08/19");
script_set_attribute(attribute:"patch_publication_date", value:"2020/08/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/08/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows_8");
script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows_server_2012:r2");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows : Microsoft Bulletins");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("smb_check_rollup.nasl", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
script_require_keys("SMB/MS_Bulletin_Checks/Possible");
script_require_ports(139, 445, "Host/patch_management_checks");
exit(0);
}
include('smb_func.inc');
include('smb_hotfixes.inc');
include('smb_hotfixes_fcheck.inc');
include('smb_reg_query.inc');
include('install_func.inc');
get_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');
bulletin = 'MS20-08';
kbs = make_list('4578013');
if (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);
get_kb_item_or_exit('SMB/Registry/Enumerated');
get_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);
if (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);
# Windows 8 EOL
productname = get_kb_item_or_exit("SMB/ProductName", exit_code:1);
if ("Windows 8" >< productname && "8.1" >!< productname)
audit(AUDIT_OS_SP_NOT_VULN);
share = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);
if (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);
if (
smb_check_rollup(os:'6.3',
sp:0,
rollup_date:'08_2020_02',
bulletin:bulletin,
rollup_kb_list:[4578013])
)
{
replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);
hotfix_security_warning();
hotfix_check_fversion_end();
exit(0);
}
else
{
hotfix_check_fversion_end();
audit(AUDIT_HOST_NOT, hotfix_get_audit_report());
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_8 | cpe:/o:microsoft:windows_8 | |
| microsoft | windows_server_2012 | r2 | cpe:/o:microsoft:windows_server_2012:r2 |
Related
thn
thn
mskb
mskb
Security update for Windows 8.1, RT 8.1, and Server 2012 R2: August 19, 2020
2020-08-11 07:00:00
August 11, 2020âKB4571702 (Security-only update)
2020-08-11 07:00:00
August 11, 2020âKB4571736 (Monthly Rollup)
2020-08-11 07:00:00
nvd
nvd
CVE-2020-1537
2020-08-17 19:15:18
CVE-2020-1530
2020-08-17 19:15:18
prion
prion
Privilege escalation
2020-08-17 19:15:00
Privilege escalation
2020-08-17 19:15:00
cve
cve
CVE-2020-1537
2020-08-17 19:15:18
CVE-2020-1530
2020-08-17 19:15:18
cvelist
cvelist
CVE-2020-1537 Windows Remote Access Elevation of Privilege Vulnerability
2020-08-17 19:13:31
CVE-2020-1530 Windows Remote Access Elevation of Privilege Vulnerability
2020-08-17 19:13:28
mscve
mscve
Windows Remote Access Elevation of Privilege Vulnerability
2020-08-11 07:00:00
Windows Remote Access Elevation of Privilege Vulnerability
2020-08-11 07:00:00
threatpost
threatpost
Microsoft Out-of-Band Security Update Fixes Windows Remote Access Flaws
2020-08-20 15:39:38
nessus
nessus
KB4571702: Windows Server 2012 August 2020 Security Update
2020-08-11 00:00:00
KB4571719: Windows 7 and Windows Server 2008 R2 August 2020 Security Update
2020-08-11 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4571736)
2020-08-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4571729)
2020-08-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4571741)
2020-08-12 00:00:00
kaspersky
kaspersky
KLA11929 Multiple vulnerabilities in Microsoft Products (ESU)
2020-08-11 00:00:00
KLA11931 Multiple vulnerabilities in Microsoft Windows
2020-08-11 00:00:00
avleonov
avleonov
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.7%
Related for SMB_NT_MS20_AUG_4578013_OOB.NASL