CVE-2017-0147
Microsoft Windows SMBv1 Information Disclosure Vulnerability
CVSS
—
No CVSS
EPSS
99.7%
p100
KEV
YES
May 24, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
99.7%EPSS · 30 days99.7%
2026-06-302026-07-16
Product
Microsoft / SMBv1 server
Vulnerability
Microsoft Windows SMBv1 Information Disclosure Vulnerability
Added to KEV
May 24, 2022
Remediate by
Jun 14, 2022
Known ransomware use
Yes
Summary description
The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-0147
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-0148—99.9%
KEV—80Microsoft SMBv1 Server Remote Code Execution Vulnerability—