CVE-2017-0144

ENISA EUVD: EUVD-2017-0511 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 5, 2026 6 articles Published: 2017-03-17

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

94.32%

probability

This CVE has a 94.32% probability of being exploited in the next 30 days.

0% Top 100.0th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

8.8

HIGH

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2 (legacy)

9.3

HIGH

Access Vector

Network

Access Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Description

VulnerabilityLookup (CNA)

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.

Affected Products

Microsoft Corporation

Windows SMB

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607

microsoft

server message block

siemens

acuson p300 firmware

siemens

acuson p500 firmware

siemens

acuson sc2000 firmware

siemens

acuson x700 firmware

Microsoft Corporation

Windows SMB

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607

Google Project Zero

Patched

March 14, 2017

Reported by

???

Root Cause Analysis

???

Exploits & PoC

peterpt/eternal_scanner

An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance)

339 2024-07-31

EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution

18 2021-03-22

AdityaBhatt3010/VAPT-Report-on-SMB-Exploitation-in-Windows-10-Finance-Endpoint

This report outlines a structured VAPT engagement focusing on PCI DSS compliance, SMB service enumeration, and exploitation of CVE-2017-0144 (EternalB

14 2025-07-10

AtithKhawas/autoblue

AutoBlue - Automated EternalBlue (CVE-2017-0144 / MS17-010) exploitation tool leveraging Nmap and Metasploit for ethical hacking, penetration testing,

4 2024-12-30

sethwhy/BlueDoor

Can you exploit the EternalBlue vulnerability (CVE-2017-0144) on a Windows 7 system and retrieve the hidden flag? Your goal is to gain administrative

2 2024-12-22

kimocoder/eternalblue

CVE-2017-0144

1 2024-04-01

MedX267/EternalBlue-Vulnerability-Scanner

This script checks for devices vulnerable to the EternalBlue exploit (CVE-2017-0144) in a network using SMB.

1 2025-02-03

quynhold/Detect-CVE-2017-0144-attack

Chương trình theo dõi, giám sát lưu lượng mạng được viết bằng Python, nó sẽ đưa ra cảnh báo khi phát hiện tấn công CVE-2017-0144

0 2022-12-23

ducanh2oo3/Vulnerability-Research-CVE-2017-0144

LAB: TẤN CÔNG HỆ ĐIỀU HÀNH WINDOWS DỰA VÀO LỖ HỔNG GIAO THỨC SMB.

0 2024-04-03

AnugiArrawwala/CVE-Research

CVE-2017-0144 (Eternal Blue) | CVE-2023-3881 | CVE-2011-2523

0 2024-07-03

denuwanjayasekara/CVE-Exploitation-Reports

CVE Exploitation Reports: CVE-2007-3280, CVE-2017-0144, CVE-2019-0708

0 2024-09-11

pelagornisandersi/WIndows-7-automated-exploitation-using-metasploit-framework-

Automated bash script which scans an ip for potential vulnerability to eternalblue using nmap and then exploit using metasploit framework which uses t

0 2025-05-30

luckyman2907/SMB-Protocol-Vulnerability_CVE-2017-0144

0 2025-06-25

FireTemple/Blackash-CVE-2017-0144

CVE-2017-0144

0 2025-11-05

Mitsu-bis/Eternal-Blue-CVE-2017-0144-THM-Write-Up

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Wind

0 2025-12-19

klairmanraj/Multi-VLAN-Enterprise-Network-Security-Infrastructure

Multi-VLAN virtual network across 10 VMs: GRE tunneling, nftables firewall, Active Directory, BIND9 DNS, Kea DHCP, Docker web services, SMB file shari

0 2026-04-20

klairmanraj/Vulnerability-Risk-Assessment-TVRA-Enterprise-Network

Qualitative TVRA for a multi-VLAN enterprise lab: Stored XSS on WebGoat (HIGH, 16), Stored XSS on Magento (ABSENT, MEDIUM, 8), and CVE-2017-0144 Etern

0 2026-04-20

klairmanraj/Multi-VLAN-Enterprise-Network-Vulnerability-Assessment

Professional vulnerability assessment of a multi-VLAN enterprise network (student21.local). Confirmed Stored XSS on WebGoat (HIGH, 16) via OWASP ZAP f

0 2026-04-20

dannic145/EternalBlue-Exploit-Demonstration

Cybersecurity lab demonstrating exploitation of CVE-2017-0144 (EternalBlue) using Metasploit against a vulnerable Windows 7 VM, achieving SYSTEM-level

0 2026-04-24

ichhyak22/EternalBlue-Exploit-Demonstration-MS17-010

Cybersecurity lab demonstrating exploitation of CVE-2017-0144 (EternalBlue) using Metasploit against a vulnerable Windows 7 VM, achieving SYSTEM-level

0 2026-04-24

trinadh-dasari-cyber/eternalblue-ms17-010-research

Controlled reproduction of CVE-2017-0144 (EternalBlue) in an isolated AWS EC2 lab — exploit analysis, Wireshark traffic capture, and MITRE ATT&CK mapp

0 2026-05-13

21 repos — triés par ⭐ Rechercher sur GitHub ↗