CVE-2017-0147

CVE Database · CVE-2017-0147

CVE-2017-0147

· HIGHAnalyzed

CVSS v3.1

7.5

EPSS

99.69%

Published

Mar 16, 2017

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2022-05-24 · Due: 2022-06-14

Apply updates per vendor instructions.

Public PoC / Exploit (6)

All weaponized →

Exploit-DBMicrosoft Windows - SMB Remote Code Execution Scanner (MS17-010) (Metasploit)Exploit-DBDOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)Exploit-DBMicrosoft Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (Metasploit) (MS17-010)Exploit-DBMicrosoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)TrickestTrickest PoC index GitHub PoCRobertoLeonFR-ES/Exploit-Win32.CVE-2017-0147.A★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products (35)

microsoft · windows_10_1507vulnerable

microsoft · windows_10_1511vulnerable

microsoft · windows_10_1607vulnerable

microsoft · windows_7vulnerable

microsoft · windows_8.1vulnerable

microsoft · windows_rt_8.1vulnerable

microsoft · windows_server_2008vulnerable

microsoft · windows_server_2012vulnerable