CVE-2020-0890 PoC — Windows Hyper-V Denial of Service Vulnerability

Associated Vulnerability
Title: Windows Hyper-V Denial of Service Vulnerability (CVE-2020-0890)

Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.

To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.

The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.
Description
CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code
Readme
Hyper-V DoS PoC.
These are the source files of a Visual Studio 2019 driver project.
1. Compile the driver.
2. Enable nested virtualization for the guest OS using the command:

```
Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
```
3. Run the driver inside the guest OS. The host OS will reboot or generate a BSOD with the HYPERVISOR_ERROR code.

The bug is present in Hyper-V on Windows Server 2019, Windows 10 with the latest patches, and
Windows 10 Insider Preview, build 10.0.20206.1000 and earlier.

Mitigations:
Simply disable nested virtualization on untrusted VMs. Run this command on the host server:

```
Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $false
```
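
To apply the mitigation above across a whole host rather than one VM at a time, the following audit script is an added example (not part of the original README or the PoC project). The `$TrustedVMs` allow-list and its sample name are assumptions; it reports every other VM that has nested virtualization exposed and, with `-Remediate`, disables it.

```powershell
#Requires -Modules Hyper-V
# Added example: audit nested-virtualization exposure on a Hyper-V host.
# Run on the host in an elevated session.
param(
    # Hypothetical allow-list of VMs that are trusted to use nested
    # virtualization; the name below is a constructed sample.
    [string[]]$TrustedVMs = @('lab-nested-01'),

    # Without this switch the script only reports.
    [switch]$Remediate
)

foreach ($vm in Get-VM) {
    $cpu = Get-VMProcessor -VM $vm

    # Skip VMs that do not expose virtualization extensions to the guest.
    if (-not $cpu.ExposeVirtualizationExtensions) { continue }

    # Skip VMs that are explicitly allowed to use nested virtualization.
    if ($vm.Name -in $TrustedVMs) { continue }

    $action = 'ReportOnly'
    if ($Remediate) {
        if ($vm.State -eq 'Off') {
            # Same command as in the README, applied to this VM object.
            Set-VMProcessor -VM $vm -ExposeVirtualizationExtensions $false
            $action = 'Disabled'
        }
        else {
            # The processor setting is changed while the VM is off, so
            # running VMs are flagged for a maintenance window instead.
            $action = 'SkippedNotOff'
        }
    }

    [pscustomobject]@{
        VMName = $vm.Name
        VMId   = $vm.Id
        State  = $vm.State
        Action = $action
    }
}
```

VMs reported as `SkippedNotOff` still expose the extensions until they are shut down and the script is run again with `-Remediate`.
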
File Snapshot

```
[4.0K] /data/pocs/579f62de8d9370a58440e98df5f52f7cf746bc21
├── [ 512] hvdetectdrv.inf
├── [7.9K] hvdetectdrv.vcxproj
├── [1.6K] hvdetectdrv.vcxproj.filters
├── [ 165] hvdetectdrv.vcxproj.user
├── [137K] hvgdk.h
├── [2.7K] hypervbsod.c
├── [1.4K] hypervbsod.h
├── [2.7K] hypervbsod.sln
├── [3.0K] hypervenlightments.c
├── [ 665] README.md
├── [ 267] vmx.asm
└── [4.0K] x64
    └── [4.0K] Release
        └── [ 20K] hypervbsod.sys

2 directories, 12 files
```