CVE-2017-0145
HIGH KEV RANSOMWAREMicrosoft Server Message Block < 4.0e - Remote Code Execution
Title source: ruleDescription
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
Exploits (5)
exploitdb
WORKING POC
by Juan Sacco · pythonremotewindows_x86-64
https://www.exploit-db.com/exploits/41987
exploitdb
SCANNER
VERIFIED
by Sean Dillon · rubydoswindows
https://www.exploit-db.com/exploits/41891
References (11)
Scores
CVSS v3
8.8
EPSS
0.9327
EPSS Percentile
99.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitation Intel
CISA KEV
2022-02-10
VulnCheck KEV
2017-03-14
InTheWild.io
2017-03-14
ENISA EUVD
EUVD-2017-0512
Ransomware Use
Confirmed
Classification
Status
draft
Affected Products (16)
microsoft/server_message_block
siemens/acuson_p300_firmware
siemens/acuson_p300_firmware
siemens/acuson_p300_firmware
siemens/acuson_p300_firmware
siemens/acuson_p500_firmware
siemens/acuson_p500_firmware
siemens/acuson_sc2000_firmware
< 4.0e
siemens/acuson_sc2000_firmware
siemens/acuson_x700_firmware
siemens/acuson_x700_firmware
siemens/syngo_sc2000_firmware
< 4.0e
siemens/syngo_sc2000_firmware
siemens/tissue_preparation_system_firmware
siemens/versant_kpcr_molecular_system_firmware
... and 1 more
Timeline
Published
Mar 17, 2017
KEV Added
Feb 10, 2022
Tracked Since
Feb 18, 2026