Multiple vulnerabilities in Microsoft Hyper-V
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 13 |
| CVE-ID | CVE-2017-0162 CVE-2017-0163 CVE-2017-0180 CVE-2017-0181 CVE-2017-0178 CVE-2017-0179 CVE-2017-0182 CVE-2017-0183 CVE-2017-0184 CVE-2017-0185 CVE-2017-0186 CVE-2017-0168 CVE-2017-0169 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Windows Operating systems & Components / Operating system Windows Server Operating systems & Components / Operating system |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU6256
Risk: High
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-0162
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of this vulnerability may result in compromise vulnerable system.
Install update from vendor's website.
Windows: 8.1 - 10
Windows Server: 2012 R2 - 2016 10.0.14393.10
CPE2.3- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0162
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper input validation
EUVDB-ID: #VU6257
Risk: High
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-0163
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of this vulnerability may result in compromise vulnerable system.
Install update from vendor's website.
Windows: 8.1 - 10
Windows Server: 2008 - 2016 10.0.14393.10
CPE2.3- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0163
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU6258
Risk: High
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-0180
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of this vulnerability may result in compromise vulnerable system.
Install update from vendor's website.
Windows: 8.1 - 10
Windows Server: 2008 - 2016 10.0.14393.10
CPE2.3- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0180
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU6259
Risk: High
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-0181
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of this vulnerability may result in compromise vulnerable system.
Install update from vendor's website.
Windows Server: 2016 10.0.14393.10
Windows: 10
CPE2.3 External linkshttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0181
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper input validation
EUVDB-ID: #VU6260
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-0178
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS conditions.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and cause a host machine to crash.
Successful exploitation of this vulnerability may result in denial of service.
Install update from vendor's website.
Windows Server: 2012 R2 - 2016 10.0.14393.10
Windows: 8.1 - 10
CPE2.3- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0178
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper input validation
EUVDB-ID: #VU6261
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-0179
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS conditions.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and cause a host machine to crash.
Successful exploitation of this vulnerability may result in denial of service.
Install update from vendor's website.
Windows Server: 2012 R2 - 2016 10.0.14393.10
Windows: 8.1 - 10
CPE2.3- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0179
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper input validation
EUVDB-ID: #VU6262
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-0182
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS conditions.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and cause a host machine to crash.
Successful exploitation of this vulnerability may result in denial of service.
Install update from vendor's website.
Windows Server: 2008 - 2016 10.0.14393.10
Windows: 8.1 - 10
CPE2.3- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0182
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper input validation
EUVDB-ID: #VU6263
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-0183
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS conditions.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and cause a host machine to crash.
Successful exploitation of this vulnerability may result in denial of service.
Install update from vendor's website.
Windows Server: 2008 - 2016 10.0.14393.10
Windows: 8.1 - 10
CPE2.3- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0183
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper input validation
EUVDB-ID: #VU6264
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-0184
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS conditions.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and cause a host machine to crash.
Successful exploitation of this vulnerability may result in denial of service.
Install update from vendor's website.
Windows Server: 2008 - 2016 10.0.14393.10
Windows: 8.1 - 10
CPE2.3- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0184
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper input validation
EUVDB-ID: #VU6265
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-0185
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS conditions.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and cause a host machine to crash.
Successful exploitation of this vulnerability may result in denial of service.
Install update from vendor's website.
Windows Server: 2012 - 2016 10.0.14393.10
Windows: 8.1 - 10
CPE2.3- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0185
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper input validation
EUVDB-ID: #VU6266
Risk: Medium
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-0186
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS conditions.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and cause a host machine to crash.
Successful exploitation of this vulnerability may result in denial of service.
Install update from vendor's website.
Windows Server: 2012 - 2016 10.0.14393.10
Windows: 8.1 - 10
CPE2.3- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2016:10.0.14393.10:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0186
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Information disclosure
EUVDB-ID: #VU6267
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-0168
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to obtain potentially sensitive information.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and access important data.
Successful exploitation of this vulnerability may result in information disclosure.
Install update from vendor's website.
Windows: 8.1
Windows Server: 2008 - 2012 R2
CPE2.3- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2008_R2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0168
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Information disclosure
EUVDB-ID: #VU6268
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-0169
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to obtain potentially sensitive information.
The vulnerability exists due to improper input validation by Windows Hyper-V Network Switch on a host server. A remote authenticated attacker can run a specially crafted application on a guest operating system and access important data.
Successful exploitation of this vulnerability may result in information disclosure.
Install update from vendor's website.
Windows: 8.1
Windows Server: 2012 - 2012 R2
CPE2.3- cpe:2.3:o:microsoft:windows:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server:2012_R2:*:*:*:*:*:*:*
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0169
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
