Russian Vulnerability Scanner Database

Back to List

CVE-2017-0144

Scores

EPSS Score

0.9441

CVSS

3.x 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

All CVSS Scores

CVSS 4.0
0.0
CVSS 3.x
8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Description

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.

Sources

msrcnvd

Related Vulnerabilities

BDU:2017-01099

Exploits

Exploit ID: 41891

Source: exploitdb

URL: https://www.exploit-db.com/exploits/41891

Exploit ID: 41987

Source: exploitdb

URL: https://www.exploit-db.com/exploits/41987

Exploit ID: 42030

Source: exploitdb

URL: https://www.exploit-db.com/exploits/42030

Exploit ID: 42031

Source: exploitdb

URL: https://www.exploit-db.com/exploits/42031

Exploit ID: 42315

Source: exploitdb

URL: https://www.exploit-db.com/exploits/42315

Exploit ID: 47456

Source: exploitdb

URL: https://www.exploit-db.com/exploits/47456

Exploit ID: CVE-2017-0144

Source: github-poc

URL: https://github.com/ducanh2oo3/Vulnerability-Research-CVE-2017-0144

Reference Links

http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html
http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html
http://www.securityfocus.com/bid/96704
http://www.securitytracker.com/id/1037991
https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144
https://www.exploit-db.com/exploits/41891/
https://www.exploit-db.com/exploits/41987/
https://www.exploit-db.com/exploits/42030/
https://www.exploit-db.com/exploits/42031/

Vulnerable Software

Type: Configuration

Vendor: microsoft

Product: server_message_block

Operating System: * * *

Trait: 
{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:a:microsoft:server_message_block:1.0:*:*:*:*:*:*:*",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"
        },
        {
          "cpe23uri": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: siemens

Product: acuson_p300_firmware

Operating System: * * *

Trait: 
{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_p300_firmware:13.02:*:*:*:*:*:*:*",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_p300_firmware:13.03:*:*:*:*:*:*:*",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_p300_firmware:13.20:*:*:*:*:*:*:*",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_p300_firmware:13.21:*:*:*:*:*:*:*",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:siemens:acuson_p300:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: siemens

Product: acuson_p500_firmware

Operating System: * * *

Trait: 
{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_p500_firmware:va10:*:*:*:*:*:*:*",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_p500_firmware:vb10:*:*:*:*:*:*:*",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:siemens:acuson_p500:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: siemens

Product: acuson_sc2000_firmware

Operating System: * * *

Trait: 
{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_sc2000_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "4.0e",
          "versionStartIncluding": "4.0",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_sc2000_firmware:5.0a:*:*:*:*:*:*:*",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:siemens:acuson_sc2000:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: siemens

Product: acuson_x700_firmware

Operating System: * * *

Trait: 
{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_x700_firmware:1.0:*:*:*:*:*:*:*",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:siemens:acuson_x700_firmware:1.1:*:*:*:*:*:*:*",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:siemens:acuson_x700:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: siemens

Product: syngo_sc2000_firmware

Operating System: * * *

Trait: 
{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:siemens:syngo_sc2000_firmware:*:*:*:*:*:*:*:*",
          "versionEndExcluding": "4.0e",
          "versionStartIncluding": "4.0",
          "vulnerable": true
        },
        {
          "cpe23uri": "cpe:2.3:o:siemens:syngo_sc2000_firmware:5.0a:*:*:*:*:*:*:*",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:siemens:syngo_sc2000:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: siemens

Product: tissue_preparation_system_firmware

Operating System: * * *

Trait: 
{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:siemens:tissue_preparation_system_firmware:*:*:*:*:*:*:*:*",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:siemens:tissue_preparation_system:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: siemens

Product: versant_kpcr_molecular_system_firmware

Operating System: * * *

Trait: 
{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:siemens:versant_kpcr_molecular_system_firmware:*:*:*:*:*:*:*:*",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:siemens:versant_kpcr_molecular_system:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Configuration

Vendor: siemens

Product: versant_kpcr_sample_prep_firmware

Operating System: * * *

Trait: 
{
  "children": [
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:o:siemens:versant_kpcr_sample_prep_firmware:*:*:*:*:*:*:*:*",
          "vulnerable": true
        }
      ],
      "operator": "OR"
    },
    {
      "cpe_match": [
        {
          "cpe23uri": "cpe:2.3:h:siemens:versant_kpcr_sample_prep:-:*:*:*:*:*:*:*"
        }
      ],
      "operator": "OR"
    }
  ],
  "operator": "AND"
}

Source: nvd

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4088880

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4556840

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4015550

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4012213

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4012215

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4012212

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4015549

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4013198

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4012606

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4012598

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4015551

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4457140

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4561612

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4565537

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4601348

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4013429

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4571736

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4561674

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4577038

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB5000847

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4550917

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4486993

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4489884

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4525253

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4592497

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4541510

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4592468

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4586834

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4598297

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4580353

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4580382

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4012216

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4598278

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4577048

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4493450

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4537814

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4018466

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4012217

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4012214

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Operating System: Windows

Identifier: KB4534283

Source: msrc