CVE-2017-0021 — Improper Input Validation in Microsoft Windows 10

CWE-20 — Improper Input Validation7 documents5 sources

Severity

9.0CRITICALNVD

NVD7.6

EPSS

0.6%

top 29.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 10 Msrc Windows 10 Version 1607 FOR 32-bit Systems Msrc Windows 10 Version 1607 FOR X64-based Systems +1 more

Timeline

PublishedMar 17

Latest updateMay 13

Description

Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is different from that described in CVE-2017-0095.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.3 | Impact: 6.0

Affected Packages4 packages

▶msrcmsrc/windows_server_2016

▶msrcmsrc/windows_10_version_1607_for_32-bit_systems

▶msrcmsrc/windows_10_version_1607_for_x64-based_systems

▶NVDmicrosoft/windows_101511, 1607+1

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-53gh-w7rv-pj62: Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary↗2022-05-13

▶

GHSA

GHSA-8ccm-hrvp-5w74: Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to ex↗2022-05-13

▶

💥Exploits & PoCs

Exploit-DB

UTStar WA3002G4 ADSL Broadband Modem - Authentication Bypass↗2017-09-15

▶

📋Vendor Advisories

Microsoft

Hyper-V vSMB Remote Code Execution Vulnerability↗2017-03-14

▶