Unknown
CVE-2017-0147
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2017-0147
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka “Windows SMB Information Disclosure Vulnerability.”
Add Assessment
Technical Analysis
Reported as exploited in the wild as part of Google’s 2020 0day vulnerability spreadsheet they made available at https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=1869060786. Original tweet announcing this spreadsheet with the 2020 findings can be found at https://twitter.com/maddiestone/status/1329837665378725888
Again this is all part of CVE-2017-0143 to CVE-2017-0147 which were all exploited in NSA’s exploit leak.
Would you also like to delete your Exploited in the Wild Report?
Delete Assessment Only Delete Assessment and Exploited in the Wild ReportCVSS V3 Severity and Metrics
General Information
Vendors
- microsoft,
- siemens
Products
- acuson p300 firmware 13.02,
- acuson p300 firmware 13.03,
- acuson p300 firmware 13.20,
- acuson p300 firmware 13.21,
- acuson p500 firmware va10,
- acuson p500 firmware vb10,
- acuson sc2000 firmware,
- acuson sc2000 firmware 5.0a,
- acuson x700 firmware 1.0,
- acuson x700 firmware 1.1,
- syngo sc2000 firmware,
- syngo sc2000 firmware 5.0a,
- tissue preparation system firmware,
- versant kpcr molecular system firmware,
- versant kpcr sample prep firmware,
- windows 10 1507 -,
- windows 10 1511 -,
- windows 10 1607 -,
- windows 7 -,
- windows 8.1 -,
- windows rt 8.1 -,
- windows server 2008 -,
- windows server 2008 r2,
- windows server 2012 -,
- windows server 2012 r2,
- windows server 2016 -,
- windows vista -
Metasploit Modules
Exploited in the Wild
Would you like to delete this Exploited in the Wild Report?
Yes, delete this reportWould you like to delete this Exploited in the Wild Report?
Yes, delete this reportReferences
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below: