vulnerability

Microsoft Windows: CVE-2017-0021: Hyper-V vSMB Remote Code Execution Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:A/AC:L/Au:S/C:C/I:C/A:C)	Mar 14, 2017	Mar 14, 2017	Sep 5, 2025

Severity

CVSS

(AV:A/AC:L/Au:S/C:C/I:C/A:C)

Published

Mar 14, 2017

Added

Mar 14, 2017

Modified

Sep 5, 2025

Description

Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is different from that described in CVE-2017-0095.

Solutions

microsoft-windows-windows_10-1607-kb4013429microsoft-windows-windows_server_2016-1607-kb4013429

References

BID-96020
CVE-2017-0021
https://attackerkb.com/topics/CVE-2017-0021
URL-https://support.microsoft.com/help/4013429

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today