Multiple vulnerabilities in Microsoft Windows Hyper-V



Published: 2017-03-14
Risk: Low
Patch available: YES
Number of vulnerabilities: 11
CVE-ID: CVE-2017-0021, CVE-2017-0095, CVE-2017-0051, CVE-2017-0074, CVE-2017-0076, CVE-2017-0097, CVE-2017-0099, CVE-2017-0098, CVE-2017-0075, CVE-2017-0109, CVE-2017-0096
CWE-ID: CWE-20, CWE-119, CWE-200
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #6 is available.
Vulnerable software: Windows (Operating systems & Components / Operating system), Windows Server (Operating systems & Components / Operating system)
Vendor: Microsoft

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

1) Privilege escalation

EUVDB-ID: #VU6030

Risk: Medium

CVSSv3.1: 7.8 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0021

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker with access to the guest operating system to execute arbitrary code on the host system.

The vulnerability exists due to an input validation error when processing SMB packets in Windows Hyper-V. A remote attacker with access to the guest system can send specially crafted SMB packets to the host system and execute arbitrary code on the host system.

Successful exploitation of this vulnerability may allow an attacker to compromise the host system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10

Windows Server: 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Privilege escalation

EUVDB-ID: #VU6031

Risk: Medium

CVSSv3.1: 7.8 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0095

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker with access to the guest operating system to execute arbitrary code on the host system.

The vulnerability exists due to an input validation error when processing SMB packets in Windows Hyper-V. A remote attacker with access to the guest system can send specially crafted SMB packets to the host system and execute arbitrary code on the host system.

Successful exploitation of this vulnerability may allow an attacker to compromise the host system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10

Windows Server: 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds memory access

EUVDB-ID: #VU6032

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0051

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker with privileged access to the guest operating system to perform a denial of service (DoS) attack.

The vulnerability exists due to out-of-bounds memory access in Microsoft Hyper-V Network Switch. An attacker with privileged access to the guest operating system can use a specially crafted application to trigger out-of-bounds memory access and cause the host machine to crash.

Successful exploitation of this vulnerability may result in a denial of service attack against the host system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10

Windows Server: 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds memory access

EUVDB-ID: #VU6037

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0074

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker with privileged access to the guest operating system to perform a denial of service (DoS) attack.

The vulnerability exists due to out-of-bounds memory access in Microsoft Hyper-V Network Switch. An attacker with privileged access to the guest operating system can use a specially crafted application to trigger out-of-bounds memory access and cause the host machine to crash.

Successful exploitation of this vulnerability may result in a denial of service attack against the host system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 8.1 - 10

Windows Server: 2012 - 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds memory access

EUVDB-ID: #VU6038

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0076

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker with privileged access to the guest operating system to perform a denial of service (DoS) attack.

The vulnerability exists due to out-of-bounds memory access in Microsoft Hyper-V Network Switch. An attacker with privileged access to the guest operating system can use a specially crafted application to trigger out-of-bounds memory access and cause the host machine to crash.

Successful exploitation of this vulnerability may result in a denial of service attack against the host system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds memory access

EUVDB-ID: #VU6039

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-0097

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker with privileged access to the guest operating system to perform a denial of service (DoS) attack.

The vulnerability exists due to out-of-bounds memory access in Microsoft Hyper-V Network Switch. An attacker with privileged access to the guest operating system can use a specially crafted application to trigger out-of-bounds memory access and cause the host machine to crash.

Successful exploitation of this vulnerability may result in a denial of service attack against the host system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

7) Out-of-bounds memory access

EUVDB-ID: #VU6040

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0099

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker with privileged access to the guest operating system to perform a denial of service (DoS) attack.

The vulnerability exists due to out-of-bounds memory access in Microsoft Hyper-V Network Switch. An attacker with privileged access to the guest operating system can use a specially crafted application to trigger out-of-bounds memory access and cause the host machine to crash.

Successful exploitation of this vulnerability may result in a denial of service attack against the host system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds memory access

EUVDB-ID: #VU6041

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0098

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker with privileged access to the guest operating system to perform a denial of service (DoS) attack.

The vulnerability exists due to out-of-bounds memory access in Microsoft Hyper-V Network Switch. An attacker with privileged access to the guest operating system can use a specially crafted application to trigger out-of-bounds memory access and cause the host machine to crash.

Successful exploitation of this vulnerability may result in a denial of service attack against the host system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10

Windows Server: 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Improper input validation

EUVDB-ID: #VU6044

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0075

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker with access to the guest operating system to compromise the host system.

The vulnerability exists due to improper input validation in Windows Hyper-V. An attacker with access to the guest operating system can execute arbitrary code on the host operating system.

Successful exploitation of this vulnerability may allow an attacker to escalate privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Improper input validation

EUVDB-ID: #VU6046

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0109

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker with access to the guest operating system to compromise the host system.

The vulnerability exists due to improper input validation in Windows Hyper-V. An attacker with access to the guest operating system can execute arbitrary code on the host operating system.

Successful exploitation of this vulnerability may allow an attacker to escalate privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Information disclosure

EUVDB-ID: #VU6047

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-0096

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker with access to the guest operating system to disclose memory information on the host system.

The vulnerability exists due to improper input validation in Windows Hyper-V. An attacker with access to the guest operating system can disclose memory information on the host operating system.

Successful exploitation of this vulnerability may allow an attacker to gain access to potentially sensitive information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7 - Vista

Windows Server: 2008 - 2016 10.0.14393.10

External links

http://technet.microsoft.com/en-us/library/security/MS17-008


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


