Microsoft had released a Security Advisory 4025685 on June 14 to fix multiple critical security vulnerabilities in such systems as Microsoft Windows XP, Windows Server 2003, Windows VISTA, and Windows 8. Attackers can exploit these vulnerabilities to implement remote code execution or privilege elevation. (Vulnerability ID: HWPSIRT-2017-06114,HWPSIRT-2017-06115,HWPSIRT-2017-06131,HWPSIRT-2017-06133,HWPSIRT-2017-06153 and HWPSIRT-2017-06154)

The six vulnerabilities have been assigned six Common Vulnerabilities and Exposures (CVE) IDs: CVE-2017-0176, CVE-2017-8461, CVE-2017-8464, CVE-2017-8487, CVE-2017-8543 and CVE-2017-8552.

Huawei has released solutions to fix all these vulnerabilities. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170616-01-windows-en

openvas 20

threatpost 3

nessus 14

kaspersky 5

myhack58 4

rapid7community 3

checkpoint_advisories 4

prion 6

cve 7

symantec 4

zdt 5

qualysblog 2

packetstorm 3

trendmicroblog 3

canvas 1

attackerkb 3

cisa_kev 2

mskb 14

krebs 1

exploitpack 2

mscve 2

malwarebytes 1

securelist 1

metasploit 2

thn 2

exploitdb 2

rapid7blog 1

cert 1

mssecure 2

mmpc 2

cisa 1

talosblog 1

openvas

Huawei Data Communication: Multiple Vulnerabilities Released on Microsoft security advisory 4025685 (huawei-sa-20170909-01-windows)

2020-06-05 00:00:00

Microsoft Windows Multiple RCE Vulnerabilities (KB4022839)

2017-06-16 00:00:00

Microsoft Windows 'olecnv32.dll' Remote Code Execution Vulnerability (KB4025218)

2017-06-16 00:00:00

threatpost

Rare XP Patches Fix Three Remaining Leaked NSA Exploits

2017-06-14 08:50:23

Microsoft Patches Two Critical Vulnerabilities Under Attack

2017-06-13 16:23:28

Self-Propagating Lucifer Malware Targets Windows Systems

2020-06-24 21:20:16

nessus

Microsoft Security Advisory 4025685: Guidance for older platforms (XP / 2003) (EXPLODINGCAN)

2017-06-14 00:00:00

Windows 8 June 2017 Security Updates

2017-06-14 00:00:00

Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8543)

2017-08-22 00:00:00

kaspersky

KLA11056 Multiple arbitrary code execution vulnerabilities in Microsoft Windows

2017-06-15 00:00:00

KLA11040 Elevation of privilege vulnerability in Microsoft Windows

2017-06-05 00:00:00

KLA11046 Multiple vulnerabilities in Microsoft Windows

2017-06-13 00:00:00

myhack58

【Major vulnerability warning】Windows two critical remote code execution vulnerability-vulnerability warning-the black bar safety net

2017-06-14 00:00:00

CVE–2017–8543 Windows Search remote code execution vulnerability alerts-a vulnerability alert-the black bar safety net

2017-08-05 00:00:00

“The seismic network of the third generation”（CVE-2017-8464 several species using the method and prevention-vulnerability and early warning-the black bar safety net

2017-08-07 00:00:00

rapid7community

Patch Tuesday - June 2017

2017-06-14 12:04:23

Remote Desktop Protocol (RDP) Exposure

2017-08-09 15:01:25

Metasploit Wrapup

2017-08-11 20:03:59

checkpoint_advisories

Microsoft Windows OLE Global Buffer Overflow (CVE-2017-8487)

2017-07-13 00:00:00

Microsoft Windows Search Remote Code Execution (CVE-2017-8543)

2017-06-13 00:00:00

Microsoft LNK Remote Code Execution (CVE-2017-8464; CVE-2018-0978)

2017-06-13 00:00:00

prion

Remote code execution

2017-06-15 20:29:00

Remote code execution

2017-06-15 01:29:00

Remote code execution

2017-06-15 20:29:00

cve

CVE-2017-8487

2017-06-15 20:29:00

CVE-2017-8461

2017-06-15 20:29:00

CVE-2017-8464

2017-06-15 01:29:00

symantec

Microsoft Windows OLE CVE-2017-8487 Remote Code Execution Vulnerability

2017-06-13 00:00:00

Microsoft Windows RPC CVE-2017-8461 Remote Code Execution Vulnerability

2017-06-13 00:00:00

Microsoft Windows LNK CVE-2017-8464 Remote Code Execution Vulnerability

2017-06-13 00:00:00

zdt

Microsoft Windows - IOCTL 0x390400, operation code 0x00020000 Kernel KsecDD Pool Memory Disclosure E

2017-06-21 00:00:00

Microsoft Windows - LNK Shortcut File Code Execution Exploit

2017-07-26 00:00:00

Microsoft Windows RRAS Service MIBEntryGet Overflow Exploit

2021-03-08 00:00:00

qualysblog

Microsoft Fixes 94 Security Issues in Massive June Update

2017-06-13 18:28:02

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

packetstorm

Microsoft Windows RRAS Service MIBEntryGet Overflow

2021-03-05 00:00:00

Microsoft Windows LNK Shortcut File Code Execution

2017-08-01 00:00:00

Microsoft Windows LNK File Code Execution

2017-11-08 00:00:00

trendmicroblog

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 3, 2017

2017-07-07 15:45:09

The Real-World Impact of Bug Bounties and Vulnerability Research

2017-07-06 16:31:43

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 12, 2017

2017-06-16 12:00:40

canvas

Immunity Canvas: SPECIAL_LNK

2017-06-15 01:29:00

attackerkb

CVE-2017-8464

2017-06-15 00:00:00

CVE-2017-8543

2017-06-15 00:00:00

CVE-2017-8552

2017-06-15 00:00:00

cisa_kev

Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability

2022-02-10 00:00:00

Microsoft Windows Search Remote Code Execution Vulnerability

2022-05-24 00:00:00

mskb

LNK remote code execution vulnerability: June 13, 2017

2017-06-13 07:00:00

Windows search vulnerabilities in Windows Server 2008: June 13, 2017

2017-06-13 07:00:00

June 13, 2017—KB4022722 (Security-only update)

2017-06-28 07:00:00

krebs

Microsoft, Adobe Ship Critical Fixes

2017-06-13 19:47:31

exploitpack

Microsoft Windows - .LNK Shortcut File Code Execution (Metasploit)

2017-07-26 00:00:00

Microsoft Windows - .LNK Shortcut File Code Execution

2017-08-06 00:00:00

mscve

LNK Remote Code Execution Vulnerability

2017-06-13 07:00:00

Windows Search Remote Code Execution Vulnerability

2017-06-13 07:00:00

malwarebytes

LemonDuck no longer settles for breadcrumbs

2021-07-30 17:19:31

securelist

Threats to users of adult websites in 2018

2019-02-21 10:00:01

metasploit

LNK Code Execution Vulnerability

2017-10-05 14:16:31

LNK Code Execution Vulnerability

2017-08-02 20:46:30

thn

Cryptocurrency Mining Malware Infected Over Half-Million PCs Using NSA Exploit

2018-01-31 23:05:00

Microsoft Issues Updates for 96 Vulnerabilities You Need to Patch this Month

2017-06-13 23:18:00

exploitdb

Microsoft Windows - '.LNK' Shortcut File Code Execution

2017-08-06 00:00:00

Microsoft Windows - '.LNK' Shortcut File Code Execution (Metasploit)

2017-07-26 00:00:00

rapid7blog

Metasploit Wrap-Up

2021-03-12 21:45:48

cert

Microsoft Windows automatically executes code specified in shortcut files

2017-08-03 00:00:00

mssecure

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

2021-07-29 19:00:59

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure

2021-07-22 16:00:57

mmpc

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

2021-07-29 19:00:59

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure

2021-07-22 16:00:57

cisa

CISA Adds 15 Known Exploited Vulnerabilities to Catalog

2022-02-10 00:00:00

talosblog

Microsoft Patch Tuesday - June 2017

2017-06-13 13:48:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

Related for HUAWEI-SA-20170616-01-WINDOWS