CVE-2017-0145
Published: 17 March 2017
Summary
CVE-2017-0145 is a high-severity vulnerability, with an unspecified weakness class, in Siemens Acuson P300 Firmware. Its CVSS base score is 8.8 (High).
Operationally, it is ranked in the top 0.2% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SC-7 (Boundary Protection).
Deeper analysis
The vulnerability CVE-2017-0145 resides in the SMBv1 server implementation across Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold/1511/1607, and Windows Server 2016. It is a remote code execution flaw triggered by specially crafted packets, distinct from the related issues tracked as CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
Remote attackers can exploit the weakness over the network without authentication to execute arbitrary code on affected systems. The CVSS 3.1 score of 8.8 reflects the combination of network attack vector, low complexity, and full impact on confidentiality, integrity, and availability.
Public references include exploit artifacts and payload discussions for DOUBLEPULSAR on Packet Storm, vendor tracking entries on SecurityFocus and SecurityTracker, and Siemens SSA-701903, all underscoring the availability of Microsoft patches as the primary mitigation path.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2017-0512
Vulnerability details
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
- CWE(s)
- KEV Date Added: 10 February 2022
Mitigating Controls (NIST 800-53 r5)
Directly mitigates by disabling SMBv1, removing the unnecessary protocol implementation that contains the RCE flaw.
Requires prompt application of vendor patches that eliminate the crafted-packet RCE vulnerability in SMBv1.
Blocks or restricts inbound SMB traffic (port 445) at network boundaries, preventing unauthenticated remote exploitation.