CVE-2017-0279 : The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Serve

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka "Windows SMB Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0272, CVE-2017-0277, and CVE-2017-0278.

Published 2017-05-12 14:29:07

Updated 2019-10-03 00:03:26

Source Microsoft Corporation

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2017-0279

Microsoft » Windows Server 2008 » Update SP2
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2008 » Version: R2 Update SP1
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Windows 7 » Update SP1
cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2012 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2012 » Version: R2
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 8.1
cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Rt 8.1
cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: N/A
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1511
cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1607
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10 » Version: 1703
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2016 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-0279

EPSS FAQ

1.78%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 82 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-0279

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.0	HIGH	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L	2.2	4.7	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: Low Availability: Low

References for CVE-2017-0279

http://www.securitytracker.com/id/1038430

Windows Server Message Block Unspecified Bugs Let Remote Users Execute Arbitrary Code on the Target System - SecurityTracker

CVEs referencing this url
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

Philips Intellispace Portal ISP Vulnerabilities | CISA

CVEs referencing this url
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0279

CVE-2017-0279 | Windows SMB Remote Code Execution Vulnerability
Mitigation;Patch;Vendor Advisory
http://www.securityfocus.com/bid/98272

Microsoft Windows SMB Server CVE-2017-0279 Remote Code Execution Vulnerability
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2017-0279

Products affected by CVE-2017-0279

Exploit prediction scoring system (EPSS) score for CVE-2017-0279

CVSS scores for CVE-2017-0279

References for CVE-2017-0279