CVE-2017-0148

CVE Database · CVE-2017-0148

CVE-2017-0148

· HIGHAnalyzed

CVSS v3.1

8.1

EPSS

99.37%

Published

Mar 16, 2017

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2022-04-06 · Due: 2022-04-27

Apply updates per vendor instructions.

Public PoC / Exploit (4)

All weaponized →

Exploit-DBMicrosoft Windows - SMB Remote Code Execution Scanner (MS17-010) (Metasploit)Exploit-DBDOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)Exploit-DBMicrosoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-20CWE-20

Affected Products (36)

microsoft · server_message_blockvulnerable

microsoft · windows_10_1507

microsoft · windows_10_1511

microsoft · windows_10_1607

microsoft · windows_7

microsoft · windows_8.1

microsoft · windows_rt_8.1