CVE-2017-8464

CVE Database · CVE-2017-8464

CVE-2017-8464

· HIGHAnalyzed

CVSS v3.1

8.8

EPSS

90.03%

Published

Jun 14, 2017

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2022-02-10 · Due: 2022-08-10

Apply updates per vendor instructions.

Public PoC / Exploit (11)

All weaponized →

Exploit-DBMicrosoft Windows - '.LNK' Shortcut File Code Execution Exploit-DBMicrosoft Windows - '.LNK' Shortcut File Code Execution (Metasploit)TrickestTrickest PoC index GitHub PoC3gstudent/CVE-2017-8464-EXP★66 GitHub PoCdoudouhala/CVE-2017-8464-exp-generator★8 GitHub PoCTrG-1999/DetectPacket-CVE-2017-8464★2 GitHub PoCElm0D/CVE-2017-8464★1 GitHub PoCxssfile/CVE-2017-8464-EXP★1 GitHub PoCX-Vector/usbhijacking★0 GitHub PoCtuankiethkt020/Phat-hien-CVE-2017-8464★0 GitHub PoCTieuLong21Prosper/Detect-CVE-2017-8464★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability."

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products (12)

microsoft · windows_10_1511vulnerable

microsoft · windows_10_1607vulnerable

microsoft · windows_10_1703vulnerable

microsoft · windows_7vulnerable

microsoft · windows_8.1vulnerable

microsoft · windows_rt_8.1vulnerable

microsoft · windows_server_2008vulnerable

microsoft · windows_server_2012vulnerable

References (11)