EPSS
Percentile
99.6%
Added: 07/13/2017
CVE: CVE-2017-0144
BID: 96704
Server Message Block (SMB) is the protocol used by Microsoft Windows computers to communicate over a network.
A remote attacker can execute arbitrary commands with **SYSTEM**
privileges by overwriting the token to a null value and forcing **PsImpersonateClient**
to run, causing the running thread to use the primary token.
Apply the fix referenced in MS17-010.
<https://technet.microsoft.com/en-us/library/security/ms17-010.aspx>
Exploit works on Windows Server 2008 R2. The target system must allow anonymous access to the SAMR, NETLOGON, or LSARPC named pipe in order for this exploit to succeed.
Due to the nature of the vulnerability, the success of this exploit may vary depending on the state of the target system.
Windows
EPSS
Percentile
99.6%