9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.973 High
EPSS
Percentile
99.9%
Added: 04/26/2017
CVE: CVE-2017-0143
BID: 96703
Server Message Block (SMB) is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions.
A vulnerability in the handling of certain SMBv1 requests could allow a remote attacker to execute arbitrary commands.
Apply the patch referenced in MS17-010, or disable SMBv1.
<https://technet.microsoft.com/en-us/library/security/ms17-010.aspx>
Exploit works on Windows 7 and Windows Server 2008 R2.
If the exploit succeeds against a 32-bit target, the target reboots when the command connection is closed.
Windows 7
Windows Server 2008 R2
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.973 High
EPSS
Percentile
99.9%