Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2017-0148: Windows SMB Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2017-0148: Windows SMB Remote Code Execution Vulnerability

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
03/14/2017
Created
07/25/2018
Added
03/14/2017
Modified
09/11/2024

Description

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.

Solution(s)

  • microsoft-windows-windows_10-1507-kb4012606
  • microsoft-windows-windows_10-1511-kb4013198
  • microsoft-windows-windows_10-1607-kb4013429
  • microsoft-windows-windows_server_2012-kb4012214
  • microsoft-windows-windows_server_2012_r2-kb4012213
  • microsoft-windows-windows_server_2016-1607-kb4013429
  • msft-kb4012212-13c36c25-fee4-429f-933e-f93ebfbb91f5
  • msft-kb4012212-36e1591a-f6d3-44d2-aa25-540234b7eb36
  • msft-kb4012212-4ee6f09d-38d9-47ef-8ba9-dd802352b8ee
  • msft-kb4012212-652eea96-c2e8-4548-8f9a-40964e5e6a74
  • msft-kb4012212-c682d11d-fc2e-4852-9da7-c2198958bf6c
  • msft-kb4012212-fb31138f-b6a5-499c-9eb6-5b5f9fff6bfd
  • msft-kb4012213-317ca43c-7dfe-4e04-8a21-2c6c4ab4fbb9
  • msft-kb4012213-5d351df3-6efb-4b17-93e0-b0e3a5babbc3
  • msft-kb4012214-1949e6d5-95b0-4e90-acfb-73c9d295fbbf
  • msft-kb4012214-b4d71d8b-1f2d-4958-ad08-e379293d71e8
  • msft-kb4012598-22699699-94c3-4677-99e5-38cb4fb66401
  • msft-kb4012598-324162d3-2d68-4a64-93fc-948caad3b45c
  • msft-kb4012598-43db2dfd-c320-436a-94bf-5f094498fe68
  • msft-kb4012598-4d0386a5-2707-4e40-9d57-92e1f523c465
  • msft-kb4012598-5680ca8f-be92-4d13-8e4e-587aa462e838
  • msft-kb4012598-69eadaea-9a25-4cb4-8c6f-5f4603311eda
  • msft-kb4012598-6e52528b-7754-49ba-b39e-2a2a2b7c8c3a
  • msft-kb4012598-86ac3cc3-e972-41a8-ac78-45bc5a950faa
  • msft-kb4012598-9e189800-f354-4dc8-8170-7bd0ad7ca09a
  • msft-kb4012598-a679cafc-d8da-4c2a-9709-17a6e6a93f4f
  • msft-kb4012598-d4d15d30-e775-4f6f-b838-d3caca05a5e9
  • msft-kb4012598-ec4f955a-2fe7-45e6-bde1-1de91cbe874f
  • msft-kb4012598-fdb0df5f-8994-4e43-a37b-82544a1eff68

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;