ByteOS Network

Vulnerability Details :

CVE-2017-0144

Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8

Published At-17 Mar, 2017 | 00:00

Updated At-30 Jul, 2025 | 01:46

Microsoft SMBv1 Remote Code Execution Vulnerability

The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Known Exploited Vulnerabilities (KEV)

cisa.gov

Vendor:

Microsoft Corporation

Product:SMBv1

Added At:10 Feb, 2022

Due At:10 Aug, 2022

Microsoft SMBv1 Remote Code Execution Vulnerability

The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.

Used in Ransomware

Known

CWE

CWE-20

Required Action:

Apply updates per vendor instructions.

Additional Notes:

https://nvd.nist.gov/vuln/detail/CVE-2017-0144

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:microsoft

Assigner Org ID:f38d906d-7342-40ea-92c1-6c4a2c6478c8

Published At:17 Mar, 2017 | 00:00

Updated At:30 Jul, 2025 | 01:46

▼CVE Numbering Authority (CNA)

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.

Affected Products

Vendor

Microsoft Corporation

Product

Windows SMB

Versions

Affected

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607

Problem Types

Type	CWE ID	Description
text	N/A	Remote Code Execution

Type: text

CWE ID: N/A

Description: Remote Code Execution

References

Hyperlink	Resource
https://www.exploit-db.com/exploits/42031/	exploit x_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/42030/	exploit x_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/41891/	exploit x_refsource_EXPLOIT-DB
http://www.securitytracker.com/id/1037991	vdb-entry x_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144	x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf	x_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02	x_refsource_MISC
https://www.exploit-db.com/exploits/41987/	exploit x_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/96704	vdb-entry x_refsource_BID
https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf	x_refsource_CONFIRM
http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html	x_refsource_MISC
http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html	x_refsource_MISC

Hyperlink: https://www.exploit-db.com/exploits/42031/

Resource:

exploit

x_refsource_EXPLOIT-DB

Hyperlink: https://www.exploit-db.com/exploits/42030/

Resource:

exploit

x_refsource_EXPLOIT-DB

Hyperlink: https://www.exploit-db.com/exploits/41891/

Resource:

exploit

x_refsource_EXPLOIT-DB

Hyperlink: http://www.securitytracker.com/id/1037991

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144

Resource:

x_refsource_CONFIRM

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf

Resource:

x_refsource_CONFIRM

Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

Resource:

x_refsource_MISC

Hyperlink: https://www.exploit-db.com/exploits/41987/

Resource:

exploit

x_refsource_EXPLOIT-DB

Hyperlink: http://www.securityfocus.com/bid/96704

Resource:

vdb-entry

x_refsource_BID

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf

Resource:

x_refsource_CONFIRM

Hyperlink: http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html

Resource:

x_refsource_MISC

Hyperlink: http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html

Resource:

x_refsource_MISC

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://www.exploit-db.com/exploits/42031/	exploit x_refsource_EXPLOIT-DB x_transferred
https://www.exploit-db.com/exploits/42030/	exploit x_refsource_EXPLOIT-DB x_transferred
https://www.exploit-db.com/exploits/41891/	exploit x_refsource_EXPLOIT-DB x_transferred
http://www.securitytracker.com/id/1037991	vdb-entry x_refsource_SECTRACK x_transferred
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144	x_refsource_CONFIRM x_transferred
https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf	x_refsource_CONFIRM x_transferred
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02	x_refsource_MISC x_transferred
https://www.exploit-db.com/exploits/41987/	exploit x_refsource_EXPLOIT-DB x_transferred
http://www.securityfocus.com/bid/96704	vdb-entry x_refsource_BID x_transferred
https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf	x_refsource_CONFIRM x_transferred
http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html	x_refsource_MISC x_transferred
http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html	x_refsource_MISC x_transferred

Hyperlink: https://www.exploit-db.com/exploits/42031/

Resource:

exploit

x_refsource_EXPLOIT-DB

x_transferred

Hyperlink: https://www.exploit-db.com/exploits/42030/

Resource:

exploit

x_refsource_EXPLOIT-DB

x_transferred

Hyperlink: https://www.exploit-db.com/exploits/41891/

Resource:

exploit

x_refsource_EXPLOIT-DB

x_transferred

Hyperlink: http://www.securitytracker.com/id/1037991

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://www.exploit-db.com/exploits/41987/

Resource:

exploit

x_refsource_EXPLOIT-DB

x_transferred

Hyperlink: http://www.securityfocus.com/bid/96704

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html

Resource:

x_refsource_MISC

x_transferred

2. CISA ADP Vulnrichment

Problem Types

Type	CWE ID	Description
CWE	CWE-noinfo	CWE-noinfo Not enough information

Type: CWE

CWE ID: CWE-noinfo

Description: CWE-noinfo Not enough information

Metrics

Version	Base score	Base severity	Vector
3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Metrics Other Info

kev

dateAdded:

2022-02-10

reference:

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-0144

Timeline

Event	Date
CVE-2017-0144 added to CISA KEV	2022-02-10 00:00:00

Event: CVE-2017-0144 added to CISA KEV

Date: 2022-02-10 00:00:00

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:secure@microsoft.com

Published At:17 Mar, 2017 | 00:59

Updated At:20 Apr, 2025 | 01:37

CISA Catalog

Date Added	Due Date	Vulnerability Name	Required Action
2022-02-10	2022-08-10	Microsoft SMBv1 Remote Code Execution Vulnerability	Apply updates per vendor instructions.

Date Added: 2022-02-10

Due Date: 2022-08-10

Vulnerability Name: Microsoft SMBv1 Remote Code Execution Vulnerability

Required Action: Apply updates per vendor instructions.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C

Type: Primary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 9.3

Base severity: HIGH

Vector:

AV:N/AC:M/Au:N/C:C/I:C/A:C

CPE Matches

Microsoft Corporation

>>server_message_block>>1.0

cpe:2.3:a:microsoft:server_message_block:1.0:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_10_1507>>-

cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*

Microsoft Corporation

>>windows_10_1507>>-

cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*

Microsoft Corporation

>>windows_10_1511>>-

cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:x64:*

Microsoft Corporation

>>windows_10_1511>>-

cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:x86:*

Microsoft Corporation

>>windows_10_1607>>-

cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*

Microsoft Corporation

>>windows_10_1607>>-

cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*

Microsoft Corporation

>>windows_7>>-

cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*

Microsoft Corporation

>>windows_8.1>>-

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_rt_8.1>>-

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2008>>-

cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2008>>r2

cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2012>>-

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2012>>r2

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

Microsoft Corporation

>>windows_server_2016>>-

Hyperlink	Source	Resource
http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html	secure@microsoft.com	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html	secure@microsoft.com	Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/96704	secure@microsoft.com	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037991	secure@microsoft.com	Broken Link Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf	secure@microsoft.com	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf	secure@microsoft.com	Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02	secure@microsoft.com	Third Party Advisory US Government Resource
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144	secure@microsoft.com	Patch Vendor Advisory
https://www.exploit-db.com/exploits/41891/	secure@microsoft.com	Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/41987/	secure@microsoft.com	Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/42030/	secure@microsoft.com	Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/42031/	secure@microsoft.com	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/154690/DOUBLEPULSAR-Payload-Execution-Neutralization.html	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/156196/SMB-DOUBLEPULSAR-Remote-Code-Execution.html	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/96704	af854a3a-2127-422b-91ae-364da2661108	Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037991	af854a3a-2127-422b-91ae-364da2661108	Broken Link Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-701903.pdf	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-966341.pdf	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory US Government Resource
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0144	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
https://www.exploit-db.com/exploits/41891/	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/41987/	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/42030/	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/42031/	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory VDB Entry

CVE-2017-0144

Credits

Microsoft SMBv1 Remote Code Execution Vulnerability

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Microsoft SMBv1 Remote Code Execution Vulnerability

Used in Ransomware

Known

CWE

Required Action:

Additional Notes:

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs