December 5, 2020

CVE-2020-17051: Windows Network File System Remote Code Execution Vulnerability Alert

1 min read
On November 10, 2020, Microsoft had issued a risk notice for a remote code execution vulnerability in the Windows network file system. The vulnerability number is CVE-2020-17051, the vulnerability level is critical. The CVSS:3.0 score is 9.8/8.5.
Windows zero day flaws
Network File System (NFS) is a distributed file system that strives to allow client hosts to access server-side files, and the process is the same as when accessing local storage. An unauthorized attacker can cause a memory heap overflow in the network file system (NFSv3) of the target Windows by sending malicious NFS packets and then get remote code execution.

Affected version

  • Microsoft Windows 7/8/10
  • Microsoft Windows Server 2008/2012/2016/2019

Solution

In this regard, we recommend that users upgrade Windows to the latest version in time.