CVE DATABASE / CVE-2017-0143

CVE-2017-0143

Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability

CVSS 8.8 · HIGH ⚠ CISA KEV — ACTIVELY EXPLOITED RANSOMWARE

On the CISA KEV catalog

Confirmed exploited in the wild. Added 2021-11-03. Federal remediation due 2022-05-03.
Required action: Apply updates per vendor instructions.

Summary

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.

CVSS 3.1 breakdown

Base score	8.8 (HIGH)
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack vector	NETWORK
Attack complexity	LOW
Privileges required	LOW
User interaction	NONE
Scope	UNCHANGED
Confidentiality	HIGH
Integrity	HIGH
Availability	HIGH

Affected products

Microsoft server message blockMicrosoft windows 10 1507Microsoft windows 10 1511Microsoft windows 10 1607Microsoft windows 7Microsoft windows 8.1Microsoft windows rt 8.1Microsoft windows server 2008Microsoft windows server 2012Microsoft windows server 2016Microsoft windows vistaPhilips intellispace portalSiemens acuson p300 firmwareSiemens acuson p300Siemens acuson p500 firmwareSiemens acuson p500Siemens acuson sc2000 firmwareSiemens acuson sc2000Siemens acuson x700 firmwareSiemens acuson x700

Check this CVE live

Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.

References

Data: NIST NVD + CISA KEV. NVD last modified 2026-04-22. Always verify against the vendor advisory before acting.