CVE-2017-0148

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.

Published at
2017-03-17T00:59Z
2091 days ago
Modified
2018-06-21T01:29Z
1630 days ago
CWE-20
Problem type

Impact

CVSS v3 vector string
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Severity Score Vector

8.1CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References


URLType
portal.msrc.microsoft.com
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0148
CONFIRM
96706
http://www.securityfocus.com/bid/96706
BID
1037991
http://www.securitytracker.com/id/1037991
SECTRACK
41987
https://www.exploit-db.com/exploits/41987/
EXPLOIT-DB
41891
https://www.exploit-db.com/exploits/41891/
EXPLOIT-DB
ics-cert.us-cert.gov
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
MISC
cert-portal.siemens.com
https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf
CONFIRM
cert-portal.siemens.com
https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf
CONFIRM
packetstormsecurity.com
http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html
MISC
packetstormsecurity.com
http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html
MISC

GET https://vulnerabilitydata.com/api/details/CVE-2017-0148

{
	"id": "CVE-2017-0148",
	"published_date": "2017-03-17T00:59Z",
	"last_modified_date": "2018-06-21T01:29Z",
	"assigner": "secure@microsoft.com",
	"description": "The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.",
	"references": [
		{
			"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0148",
			"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0148",
			"refsource": "CONFIRM",
			"tags": [
				"Vendor Advisory"
			]
		},
		{
			"url": "http://www.securityfocus.com/bid/96706",
			"name": "96706",
			"refsource": "BID",
			"tags": []
		},
		{
			"url": "http://www.securitytracker.com/id/1037991",
			"name": "1037991",
			"refsource": "SECTRACK",
			"tags": []
		},
		{
			"url": "https://www.exploit-db.com/exploits/41987/",
			"name": "41987",
			"refsource": "EXPLOIT-DB",
			"tags": []
		},
		{
			"url": "https://www.exploit-db.com/exploits/41891/",
			"name": "41891",
			"refsource": "EXPLOIT-DB",
			"tags": []
		},
		{
			"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
			"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
			"refsource": "MISC",
			"tags": []
		},
		{
			"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf",
			"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf",
			"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html",
			"name": "http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html",
			"refsource": "MISC",
			"tags": []
		},
		{
			"url": "http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html",
			"name": "http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html",
			"refsource": "MISC",
			"tags": []
		}
	],
	"impact": {
		"baseMetricV3": {
			"cvssV3": {
				"version": "3.0",
				"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
				"attackVector": "NETWORK",
				"attackComplexity": "HIGH",
				"privilegesRequired": "NONE",
				"userInteraction": "NONE",
				"scope": "UNCHANGED",
				"confidentialityImpact": "HIGH",
				"integrityImpact": "HIGH",
				"availabilityImpact": "HIGH",
				"baseScore": 8.1,
				"baseSeverity": "HIGH"
			},
			"exploitabilityScore": 2.2,
			"impactScore": 5.9
		},
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
				"accessVector": "NETWORK",
				"accessComplexity": "MEDIUM",
				"authentication": "NONE",
				"confidentialityImpact": "COMPLETE",
				"integrityImpact": "COMPLETE",
				"availabilityImpact": "COMPLETE",
				"baseScore": 9.3
			},
			"severity": "HIGH",
			"exploitabilityScore": 8.6,
			"impactScore": 10,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": false
		}
	},
	"problem_type": "CWE-20"
}