CVE-2017-8540
HIGH KEVMicrosoft Malware Protection Engine - Out-of-Bounds Write
Title source: ruleDescription
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulnerability than CVE-2017-8538 and CVE-2017-8541.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/42088
References (5)
Scores
CVSS v3
7.8
EPSS
0.7943
EPSS Percentile
99.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CISA KEV
2022-03-03
VulnCheck KEV
2022-03-03
InTheWild.io
2022-03-03
ENISA EUVD
EUVD-2017-17490
CWE
CWE-787
Status
published
Products (12)
microsoft/endpoint_protection
microsoft/exchange_server
2013
microsoft/exchange_server
2016
microsoft/forefront_endpoint_protection
microsoft/forefront_endpoint_protection
2010
microsoft/forefront_security
microsoft/intune_endpoint_protection
microsoft/malware_protection_engine
1.1.13701.0 - 1.1.13704.0
microsoft/security_essentials
microsoft/system_center_endpoint_protection
... and 2 more
Published
May 26, 2017
KEV Added
Mar 03, 2022
Tracked Since
Feb 18, 2026