Microsoft » Server Message Block : Security Vulnerabilities, CVEs,
CVE-2017-0143
Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Max CVSS
9.3
EPSS Score
97.35%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2021-11-03
CVE-2017-0144
Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Max CVSS
9.3
EPSS Score
97.43%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-02-10
CVE-2017-0145
Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
Max CVSS
9.3
EPSS Score
97.32%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-02-10
CVE-2017-0146
Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148.
Max CVSS
9.3
EPSS Score
97.12%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-03-25
CVE-2017-0148
Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.
Max CVSS
9.3
EPSS Score
97.17%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-04-06
CVE-2017-0147
Known exploited
Public exploit
Used for ransomware
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."
Max CVSS
5.9
EPSS Score
97.11%
Published
2017-03-17
Updated
2018-06-21
CISA KEV Added
2022-05-24
6 vulnerabilities found