Showing results for 
Show  only  | Search instead for 
Did you mean: 
Claim your free VMworld 2020 ticket now for a completely digital experience to learn about how VMware Carbon Black can protect you from sophisticated threats.

SMBleed CVE-2020-1206 Vulnerability

Description: Lists endpoints that are either vulnerable or not vulnerable to the SMBleed vulnerability, CVE-2020-1206. This vulnerability allows attackers to remotely leak kernel memory, and when combined with SMBGhost, can be used for remote code execution:

What The Data Shows: The data shows endpoints that are vulnerable to SMBleed. Vulnerable endpoints include Windows 10 endpoints, on version 1903, 1909, or 2004, that have not installed KB4560960 for version 1903 and 1909, or have not installed KB4557959 for version 2004. Further explanation here:


SELECT name, build, CASE
		(SELECT patches.hotfix_id,, FROM patches, os_version WHERE 
			(patches.hotfix_id LIKE "KB4560960" OR patches.hotfix_id LIKE "KB4557957") OR NOT LIKE "%Windows 10%" OR 
			( NOT LIKE "19041" AND NOT LIKE "18363" AND NOT LIKE "18362")
		) THEN "Not Vulnerable" ELSE "Vulnerable"
	END "CVE-2020-1206"
FROM os_version;



1 Comment
Carbon Black Employee
Status changed to: Approved

@JRoosa Sorry I missed this one! Thanks for the contribution.