Elevation of Privilege Vulnerability in Microsoft Windows Hyper-V
CVE-2017-0212

7.6HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Hyper-v
Vendor: CVE Published:; 12 May 2017

Summary

The Windows Hyper-V component allows an elevation of privilege when vulnerable installations fail to adequately validate vSMB (virtual Server Message Block) packet data. Exploiting this vulnerability could enable attackers to gain unauthorized access and execute arbitrary code in the context of the system, showcasing the importance of applying timely security updates.

Affected Version(s)

Microsoft Hyper-V Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016.

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/98099

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
May 12, 2017
Vulnerability Reserved
Sep 9, 2016