Lucene search

MicrosoftCVELIST:CVE-2017-0146

HistoryMar 17, 2017 - 12:00 a.m.

CVE-2017-0146

2017-03-1700:00:00

microsoft

www.cve.org

7.7 High

AI Score

Confidence

High

0.974 High

EPSS

Percentile

99.9%

JSON

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka “Windows SMB Remote Code Execution Vulnerability.” This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148.

CNA Affected

[
  {
    "product": "Windows SMB",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607"
      }
    ]
  }
]

References

packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html

packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html

www.securityfocus.com/bid/96707

www.securitytracker.com/id/1037991

cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf

cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf

ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0146

www.exploit-db.com/exploits/41891/

www.exploit-db.com/exploits/41987/

www.exploit-db.com/exploits/43970/

cvelist

CVE-2017-0143

2017-03-17 00:00:00

CVE-2017-0144

2017-03-17 00:00:00

CVE-2017-0148

2017-03-17 00:00:00

prion

Remote code execution

2017-03-17 00:59:00

Remote code execution

2017-03-17 00:59:00

Remote code execution

2017-03-17 00:59:00

nvd

CVE-2017-0144

2017-03-17 00:59:04

CVE-2017-0146

2017-03-17 00:59:04

CVE-2017-0145

2017-03-17 00:59:04

cve

CVE-2017-0143

2017-03-17 00:59:03

CVE-2017-0146

2017-03-17 00:59:04

CVE-2017-0144

2017-03-17 00:59:04

attackerkb

CVE-2017-0148

2017-03-17 00:00:00

CVE-2017-0144 (MS17-010)

2017-03-17 00:00:00

CVE-2017-0143

2017-03-17 00:00:00

huawei

Security Advisory - 'WannaCry ransomware' Vulnerabilities in Microsoft Windows Systems

2017-05-13 00:00:00

mskb

MS17-010: Security update for Windows SMB Server: March 14, 2017

2017-03-14 00:00:00

MS17-010: Description of the security update for Windows SMB Server: March 14, 2017

2017-03-14 07:00:00

March 2017 Security Only Quality Update for Windows Server 2012

2017-03-14 07:00:00

rapid7community

Vulnerability Management Tips for the Shadow Brokers Leaked Exploits

2017-05-24 23:14:26

Scanning and Remediating WannaCry/MS17-010 in InsightVM and Nexpose

2017-05-15 18:25:42

Petya-like ransomworm: Leveraging InsightVM and Nexpose for visibility into MS17-010

2017-08-03 16:56:04

packetstorm

SMB DOUBLEPULSAR Remote Code Execution

2020-02-04 00:00:00

MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption

2017-05-17 00:00:00

DOUBLEPULSAR Payload Execution / Neutralization

2019-10-01 00:00:00

zdt

Microsoft Windows - Uncredentialed SMB RCE (MS17-010) Exploit

2017-04-17 00:00:00

SMB DOUBLEPULSAR Remote Code Execution Exploit

2020-02-04 00:00:00

DOUBLEPULSAR - Payload Execution and Neutralization Exploit

2019-10-04 00:00:00

seebug

ETERNALBLUE - Remote RCE via SMB & NBT (Windows XP to Windows 2012)

2017-04-15 00:00:00

EternalChampion - Windows SMB Remote Code Execution Vulnerability (CVE-2017-0146)

2017-04-17 00:00:00

openvas

Microsoft Windows SMB Server Multiple Vulnerabilities-Remote (4013389)

2017-03-22 00:00:00

Microsoft Windows SMB Server Multiple Vulnerabilities (4013389)

2017-03-15 00:00:00

Double Pulsar Infection Detect

2017-04-18 00:00:00

kaspersky

KLA10977 Multiple vulnerabilities in Microsoft Server Message Block (SMB)

2017-03-14 00:00:00

KLA11902 Multiple vulnerabilities in Microsoft Products (ESU)

2017-03-14 00:00:00

KLA10979 Multiple vulnerabilities in Microsoft Windows

2017-03-14 00:00:00

K57181937 : Multiple Microsoft SMB (Wannacry/Wannacrypt/Petya/Goldeneye) vulnerabilities

2017-05-16 00:00:00

nessus

MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya)

2017-03-15 00:00:00

MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check)

2017-03-20 00:00:00

mmpc

New ransomware, old techniques: Petya adds worm capabilities

2017-06-28 06:57:43

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

2017-09-06 14:58:36

Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security

2017-06-16 18:17:03

canvas

Immunity Canvas: MS17_010

2017-03-17 00:59:00

Immunity Canvas: ETERNALBLUE

2017-03-17 00:59:00

threatpost

PyRoMine Uses NSA Exploit for Monero Mining and Backdoors

2018-04-26 18:21:13

Calypso APT Emerges from the Shadows to Target Governments

2019-10-31 18:55:02

EternalBlue Exploit Used in Retefe Banking Trojan Campaign

2017-09-22 14:02:28

thn

Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities

2021-06-03 17:01:00

Bad Rabbit Ransomware Uses Leaked 'EternalRomance' NSA Exploit to Spread

2017-10-26 23:57:00

More Hacking Groups Found Exploiting SMB Flaw Weeks Before WannaCry

2017-05-19 01:52:00

rapid7blog

Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict

2022-03-01 19:15:58

Metasploit Wrap-Up

2021-03-05 17:20:43

Open-Source Security: Getting to the Root of the Problem

2022-01-19 18:02:43

trendmicroblog

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 26, 2017

2017-06-30 12:00:57

Double Whammy: When One Attack Masks Another Attack

2017-11-20 16:29:06

WannaCry & The Reality Of Patching

2017-05-15 00:46:55

mscve

Windows SMB Remote Code Execution Vulnerability

2017-03-14 07:00:00

Windows SMB Remote Code Execution Vulnerability

2017-03-14 07:00:00

Windows SMB Remote Code Execution Vulnerability

2017-03-14 07:00:00

cisa_kev

Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability

2021-11-03 00:00:00

Microsoft SMBv1 Server Remote Code Execution Vulnerability

2022-04-06 00:00:00

Microsoft SMBv1 Remote Code Execution Vulnerability

2022-02-10 00:00:00

symantec

Microsoft Windows SMB Server CVE-2017-0143 Remote Code Execution Vulnerability

2017-03-14 00:00:00

Microsoft Windows SMB Server CVE-2017-0148 Remote Code Execution Vulnerability

2017-03-14 00:00:00

Microsoft Windows SMB Server CVE-2017-0145 Remote Code Execution Vulnerability

2017-03-14 00:00:00

carbonblack

CB TAU Technical Analysis: DLTMiner Campaign Targeting Corporations in Asia

2019-07-23 13:47:50

checkpoint_advisories

Microsoft Windows SMB Remote Code Execution (MS17-010: CVE-2017-0148)

2017-05-16 00:00:00

Microsoft Windows SMB Remote Code Execution (MS17-010: CVE-2017-0145)

2017-03-14 00:00:00

Microsoft Windows SMB Remote Code Execution (MS17-010: CVE-2017-0143)

2017-03-14 00:00:00

avleonov

Downloading entire Vulners.com database in 5 minutes

2017-08-09 17:49:03

Petya the Great and why *they* don’t patch vulnerabilities

2017-06-29 21:29:50

Is Vulnerability Management more about Vulnerabilities or Management?

2020-02-11 13:46:54

talosblog

Cisco Coverage for Adylkuzz, Uiwix, and EternalRocks

2017-05-22 15:14:00

saint

Windows SMBv1 Remote Command Execution

2017-04-26 00:00:00

Windows SMBv1 Remote Command Execution

2017-04-26 00:00:00

Windows SMBv1 Remote Command Execution

2017-04-26 00:00:00

malwarebytes

How threat actors are using SMB vulnerabilities

2018-12-14 16:00:00

Threat spotlight: the curious case of Ryuk ransomware

2019-12-12 22:33:53

trellix

How Groove Gang is Shaking up the RAAS to Empower Affiliates

2021-09-08 00:00:00

How Groove Gang is Shaking up the RAAS to Empower Affiliates

2021-09-08 00:00:00

Connected Healthcare: A Cybersecurity Battlefield We Must Win

2022-06-06 00:00:00

myhack58

The SMB vulnerability triggered“bloodshed”, far more than WannaCry-vulnerability warning-the black bar safety net

2017-05-23 00:00:00

kitploit

Eternal - An internet scanner for Eternal Blue [exploit CVE-2017-0144]

2017-07-22 20:30:00

fireeye

CVE-2017-10271 Used to Deliver CryptoMiners: An Overview of Techniques Used Post-Exploitation and Pre-Mining

2018-02-15 16:30:00

CVE-2017-10271 Used to Deliver CryptoMiners: An Overview of Techniques Used Post-Exploitation and Pre-Mining

2018-02-15 11:30:00

ics

Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment

2023-12-15 12:00:00

Philips Intellispace Portal ISP Vulnerabilities

2018-02-27 12:00:00

Baxter ExactaMix (Update A)

2020-07-28 12:00:00

qualysblog

The Rise of Ransomware

2021-10-05 12:50:00

Emotet Re-emerges with Help from TrickBot

2022-01-06 14:05:53

Conti Ransomware

2021-11-18 17:17:56

securelist

A mining multitool

2018-07-26 10:00:25

APT trends report Q2 2019

2019-08-01 10:00:05

nmap

smb-vuln-ms17-010 NSE Script

2017-05-27 07:57:34

ibm

Security Bulletin: Multiple vulnerabilities in Cloud Pak System

2019-10-24 21:43:28

cisa

CISA Adds 15 Known Exploited Vulnerabilities to Catalog

2022-02-10 00:00:00

mssecure

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

2021-07-29 19:00:59

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure

2021-07-22 16:00:57

7.7 High

AI Score

Confidence

High

0.974 High

EPSS

Percentile

99.9%

JSON

CVE-2017-0146

CNA Affected

References

Related