CVE-2017-0147

Warning

Exploit

EPSS 92.42%
Published 17.03.2017 00:59:04
Last modified 20.04.2025 01:37:25
Source secure@microsoft.com
Teams watchlist Login
Open Login

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."

Affected products Warnungen 1 Metrics 4 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 10 1507 Version-

Microsoft ≫ Windows 10 1511 Version-

Microsoft ≫ Windows 10 1607 Version-

Microsoft ≫ Windows 7 Version- Updatesp1

Microsoft ≫ Windows 8.1 Version-

Microsoft ≫ Windows Rt 8.1 Version-

Microsoft ≫ Windows Server 2008 Version- Updatesp2

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1

Microsoft ≫ Windows Server 2012 Version-

Microsoft ≫ Windows Server 2012 Versionr2

Microsoft ≫ Windows Server 2016 Version-

Microsoft ≫ Windows Vista Version- Updatesp2

Siemens ≫ Acuson P300 Firmware Version13.02

Siemens ≫ Acuson P300 Version-

Siemens ≫ Acuson P300 Firmware Version13.03

Siemens ≫ Acuson P300 Version-

Siemens ≫ Acuson P300 Firmware Version13.20

Siemens ≫ Acuson P300 Version-

Siemens ≫ Acuson P300 Firmware Version13.21

Siemens ≫ Acuson P300 Version-

Siemens ≫ Acuson P500 Firmware Versionva10

Siemens ≫ Acuson P500 Version-

Siemens ≫ Acuson P500 Firmware Versionvb10

Siemens ≫ Acuson P500 Version-

Siemens ≫ Acuson Sc2000 Firmware Version >= 4.0 < 4.0e

Siemens ≫ Acuson Sc2000 Version-

Siemens ≫ Acuson Sc2000 Firmware Version5.0a

Siemens ≫ Acuson Sc2000 Version-

Siemens ≫ Acuson X700 Firmware Version1.0

Siemens ≫ Acuson X700 Version-

Siemens ≫ Acuson X700 Firmware Version1.1

Siemens ≫ Acuson X700 Version-

Siemens ≫ Syngo Sc2000 Firmware Version >= 4.0 < 4.0e

Siemens ≫ Syngo Sc2000 Version-

Siemens ≫ Syngo Sc2000 Firmware Version5.0a

Siemens ≫ Syngo Sc2000 Version-

Siemens ≫ Tissue Preparation System Firmware

Siemens ≫ Tissue Preparation System Version-

Siemens ≫ Versant Kpcr Molecular System Firmware

Siemens ≫ Versant Kpcr Molecular System Version-

Siemens ≫ Versant Kpcr Sample Prep Firmware

Siemens ≫ Versant Kpcr Sample Prep Version-

24.05.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Windows SMBv1 Information Disclosure Vulnerability

Vulnerability

The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	92.42%	0.997

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N