CVE-2021-31205: Windows SMB Client Security Feature Bypass Vulnerability
Overview
- Severity
- Medium (CVSS 6.5)
- CVSS Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
- Category
- Security Feature Bypass
- Exploit Status
- Not Exploited
- Exploitation Likelihood
- Less Likely
- Patch Tuesday
- 2021-May
- Released
- 2021-05-11
- Last Updated
- 2023-10-26
- EPSS Score
- 15.22% (percentile: 94.6%)
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
Guest fallback access in SMB2 is not disabled by default. Installing this security update will disable guest fallback access to enforce the operating system edition settings and Group Policy settings. Guest fallback behavior default will return matching previously documented settings.
Alternatively, customers can manually disable guest access by configuring this registry value:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters] "AllowInsecureGuestAuth"=dword:0
For more information on guest fallback access behaviors and default settings, refer to:
Guest access in SMB2 disabled by default in Windows
Affected Products (7)
Windows
- Windows 10 Version 2004 for 32-bit Systems
- Windows 10 Version 2004 for ARM64-based Systems
- Windows 10 Version 2004 for x64-based Systems
- Windows Server, version 2004 (Server Core installation)
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
Security Updates (1)
Revision History
- 2021-05-11: Information published.
- 2023-10-26: Updated one or more CVSS scores for the affected products. This is an informational change only.