Microsoft EternalBlue - Remote Code Execution (MS17-010 - CVE-2017-0144) (CVE-2017-0144)
- Severity
- CVSSv3 Score
- 8.1
- Vulnerability description
Microsoft Server Message Block 1.0 (SMBv1) is affected by a Remote Code Execution. The root cause of this vulnerability is the improper packet handling of the SMBv1 traffic.
- Risk description
The risk exists that a remote unauthenticated attacker could execute arbitrary code via specially crafted SMBv1 requests and thus can compromise the target system.
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
Appy the latest updates for your Windows version.
- References
https://nvd.nist.gov/vuln/detail/cve-2017-0144
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2017-0144
- Codename
- EternalBlue
- Detectable with
- Network Scanner
- Exploitable with Sniper
- Yes
- Vuln date
- Mar 2017
- Published at
- Updated at
- Software Type
- Operating System
- Vendor
- Microsoft
- Product
- Windows