CVE-2017-0145

ENISA EUVD: EUVD-2017-0512 ↗
Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero
Triaged: March 3, 2026 3 articles
VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24
93.27%
probability
This CVE has a 93.27% probability of being exploited in the next 30 days.
0% Top 99.8th percentile of all CVEs 100%

CVSS v3.1

Source: NVD
8.8
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Project Zero
Unspecified type confusion in SMB (EternalRomance)

Affected Products

Google Project Zero

Patched
March 14, 2017
Reported by
???
Root Cause Analysis
???

Exploits & PoC

MelonSmasher/chef_tissues

Install patch for CVE-2017-0145 AKA WannaCry.

0
1 repo — triés par ⭐ Rechercher sur GitHub ↗

Signal Intelligence

Confidence
92%
EPSS 93.27%
CVSS v3.1 8.8
Mentions 3
Last Seen Sep 04, 2023

CNA Information

Analyst Note

CVE-2017-0145 is a confirmed critical SMB vulnerability affecting multiple Windows versions with a high CVSS score of 8.8, documented by Google Project Zero and actively exploited by the WannaCry ransomware campaign. The widespread impact and real-world exploitation evidence strongly support the confirmed status.

Threat Actors 4

Lazarus Group
apt_group Information theft and espionage 🇰🇵 KP
The Shadow Brokers
apt_group 🇷🇺 RU
FASTCash
apt_group Information theft and espionage 🇰🇵 KP
TEMP.Hermit
apt_group Information theft and espionage 🇰🇵 KP

Triage Info

Decided atMar 03, 2026