TopVuln

High-risk vulnerability digests

CVE-2017-0144

  • HIGH
  • KEV
  • Ransomware

Microsoft SMBv1 Remote Code Execution Vulnerability

Details

CVSS v3
8.8
CVSS v2
9.3
NVD published
2017-03-17 00:59:04
CISA date
2022-02-10
EPSS
94.4% probability · 100.0th percentile — 2026-04-21
Affected versions
cpe:2.3:a:microsoft:server_message_block:1.0:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_p300_firmware:13.02:*:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_p300_firmware:13.03:*:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_p300_firmware:13.20:*:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_p300_firmware:13.21:*:*:*:*:*:*:* cpe:2.3:h:siemens:acuson_p300:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_p500_firmware:va10:*:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_p500_firmware:vb10:*:*:*:*:*:*:* cpe:2.3:h:siemens:acuson_p500:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_sc2000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_sc2000_firmware:5.0a:*:*:*:*:*:*:* cpe:2.3:h:siemens:acuson_sc2000:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_x700_firmware:1.0:*:*:*:*:*:*:* cpe:2.3:o:siemens:acuson_x700_firmware:1.1:*:*:*:*:*:*:* cpe:2.3:h:siemens:acuson_x700:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:syngo_sc2000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:syngo_sc2000_firmware:5.0a:*:*:*:*:*:*:* cpe:2.3:h:siemens:syngo_sc2000:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:tissue_preparation_system_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:tissue_preparation_system:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:versant_kpcr_molecular_system_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:versant_kpcr_molecular_system:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:versant_kpcr_sample_prep_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:versant_kpcr_sample_prep:-:*:*:*:*:*:*:*
Summary
The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.
Remediation
Apply updates per vendor instructions.
Exploit info
No exploit-tagged NVD references in our cache; see the CISA KEV link below.

View on NVD  ·  CISA KEV catalog

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.