vulnerability

Microsoft Windows: CVE-2017-0095: Hyper-V vSMB Remote Code Execution Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:A/AC:M/Au:N/C:C/I:C/A:C)	Mar 14, 2017	Mar 14, 2017	Sep 5, 2025

Severity

CVSS

(AV:A/AC:M/Au:N/C:C/I:C/A:C)

Published

Mar 14, 2017

Added

Mar 14, 2017

Modified

Sep 5, 2025

Description

Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0021.

Solutions

microsoft-windows-windows_10-1507-kb4012606microsoft-windows-windows_10-1511-kb4013198microsoft-windows-windows_10-1607-kb4013429microsoft-windows-windows_server_2016-1607-kb4013429

References

BID-96699
CVE-2017-0095
https://attackerkb.com/topics/CVE-2017-0095
CWE-20
URL-https://support.microsoft.com/help/4012606
URL-https://support.microsoft.com/help/4013198
URL-https://support.microsoft.com/help/4013429

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today