CVE-2017-0212

HIGH

Windows Hyper-V - Elevation of Privilege via vSMB Packet Data Validation

Title source: llm
STIX 2.1

Description

Windows Hyper-V allows an elevation of privilege vulnerability when Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 fail to properly validate vSMB packet data, aka "Windows Hyper-V vSMB Elevation of Privilege Vulnerability".

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/98099

Scores

CVSS v3 7.6
EPSS 0.0035
EPSS Percentile 57.6%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (6)
microsoft/windows_10
microsoft/windows_10 1511
microsoft/windows_10 1607
microsoft/windows_10 1703
microsoft/windows_server_2016
Microsoft Corporation/Microsoft Hyper-V Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016.
Published May 12, 2017
Tracked Since Feb 18, 2026