OS-WINDOWS -- Snort has detected traffic targeting vulnerabilities in a Windows-based operating system. This does not include browser traffic or other software on the OS, but attacks against the OS itself.
OS-WINDOWS Microsoft Windows SMB2 SET_INFO information disclosure attempt
This rule is looking for multiple SMB2_SET_INFO requests that fit several parameters in a very short period of time.
This rule alerts on exploit traffic from an attacker.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
Information Leak
Information Leakage happens when an attacker manipulates a system into revealing sensitive information, either through malformed input or by taking advantage of another feature of the system.
CVE-2020-17140 |
Loading description
|
Tactic: Initial Access
Technique: External Remote Services
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org