CVE-2017-0144

HIGH KEV RANSOMWARE

Microsoft Server Message Block < 4.0e - Remote Code Execution

Title source: rule

Description

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.

Exploits (25)

nomisec SCANNER 339 stars
by peterpt · poc
https://github.com/peterpt/eternal_scanner
nomisec WRITEUP 17 stars
by EEsshq · poc
https://github.com/EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution
nomisec WRITEUP 11 stars
by AdityaBhatt3010 · poc
https://github.com/AdityaBhatt3010/VAPT-Report-on-SMB-Exploitation-in-Windows-10-Finance-Endpoint
nomisec WORKING POC 4 stars
by AtithKhawas · poc
https://github.com/AtithKhawas/autoblue
nomisec WORKING POC 2 stars
by sethwhy · infoleak
https://github.com/sethwhy/BlueDoor
nomisec WRITEUP 1 stars
by nivedh-j · poc
https://github.com/nivedh-j/EternalBlue-Explained
nomisec SCANNER 1 stars
by MedX267 · poc
https://github.com/MedX267/EternalBlue-Vulnerability-Scanner
nomisec SCANNER 1 stars
by kimocoder · remote
https://github.com/kimocoder/eternalblue
nomisec WRITEUP
by denuwanjayasekara · poc
https://github.com/denuwanjayasekara/CVE-Exploitation-Reports
nomisec WRITEUP
by FireTemple · poc
https://github.com/FireTemple/Blackash-CVE-2017-0144
github WRITEUP
by OscarYR · poc
https://github.com/OscarYR/CVE_Reproduction/tree/main/EternalBlue/CVE-2017-0144.md
nomisec WRITEUP
by luckyman2907 · poc
https://github.com/luckyman2907/SMB-Protocol-Vulnerability_CVE-2017-0144
nomisec WORKING POC
by pelagornisandersi · poc
https://github.com/pelagornisandersi/WIndows-7-automated-exploitation-using-metasploit-framework-
nomisec WRITEUP
by ducanh2oo3 · poc
https://github.com/ducanh2oo3/Vulnerability-Research-CVE-2017-0144
nomisec SUSPICIOUS
by AnugiArrawwala · poc
https://github.com/AnugiArrawwala/CVE-Research
nomisec SCANNER
by quynhold · poc
https://github.com/quynhold/Detect-CVE-2017-0144-attack
nomisec WRITEUP
by AbbeAlthany · poc
https://github.com/AbbeAlthany/Windows-7_och_CVE-2017-0144_Exploit
nomisec WRITEUP
by Mitsu-bis · poc
https://github.com/Mitsu-bis/Eternal-Blue-CVE-2017-0144-THM-Write-Up
metasploit SCANNER
by Sean Dillon <[email protected]>, Luke Jennings · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/smb_ms17_010.rb
exploitdb WORKING POC VERIFIED
by sleepya · pythonremotewindows_x86-64
https://www.exploit-db.com/exploits/42030
exploitdb WORKING POC VERIFIED
by sleepya · pythonremotewindows
https://www.exploit-db.com/exploits/42031
exploitdb WORKING POC
by Juan Sacco · pythonremotewindows_x86-64
https://www.exploit-db.com/exploits/41987
exploitdb SCANNER VERIFIED
by Sean Dillon · rubydoswindows
https://www.exploit-db.com/exploits/41891
exploitdb WORKING POC
rubyremotewindows
https://www.exploit-db.com/exploits/47456
exploitdb WORKING POC VERIFIED
by sleepya · pythonremotewindows
https://www.exploit-db.com/exploits/42315

References (13)

Scores

CVSS v3 8.8
EPSS 0.9432
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

CISA KEV 2022-02-10
VulnCheck KEV 2016-04-22
InTheWild.io 2017-03-14
ENISA EUVD EUVD-2017-0511
Ransomware Use Confirmed

Classification

Status draft

Affected Products (16)

microsoft/server_message_block
siemens/acuson_p300_firmware
siemens/acuson_p300_firmware
siemens/acuson_p300_firmware
siemens/acuson_p300_firmware
siemens/acuson_p500_firmware
siemens/acuson_p500_firmware
siemens/acuson_sc2000_firmware < 4.0e
siemens/acuson_sc2000_firmware
siemens/acuson_x700_firmware
siemens/acuson_x700_firmware
siemens/syngo_sc2000_firmware < 4.0e
siemens/syngo_sc2000_firmware
siemens/tissue_preparation_system_firmware
siemens/versant_kpcr_molecular_system_firmware
... and 1 more

Timeline

Published Mar 17, 2017
KEV Added Feb 10, 2022
Tracked Since Feb 18, 2026