ICSMA-20-170-01

Risk Scores

Affected Products

Exploit Intelligence

• SMBv1: CVE-2017-0143, gravedad 8.8, de ejecucion remota de codigo (RCE), en Windows con SMBv1 (ms17-010) (github-poc)
• benguelmas/cve-2017-0143 (github-poc)
• This is a security assessment report regarding the EthernalBlue vulnerability (CVE-2017-0143). (github-poc)
• A hands-on vulnerability assessment and exploitation of a Windows 7 VM using the EternalBlue (CVE-2017-0143) exploit. Includes scanning, exploitation with Metasploit, post-exploitation, and remediation steps in a controlled lab environment. (github-poc)
• MS17-010 (CVE-2017-0143) - Python3 Script (github-poc)
• Technical Analysis of the SMB vulnerability (CVE-2017-0143) & its impact on the vulnerable system (github-poc)
• MS17-010_CVE-2017-0143 (github-poc)
• EternalBlue is a well-known SMB exploit created by the NSA to attack various versions of Windows, including Windows 7. Etern-Blue-Windows-7-Checker will basically send SMB packets to a host to see if that Windows host machine is vulnerable to the EternalBlue exploit (CVE-2017-0143). (github-poc)
• Simple script using nmap to detect CVE-2017-0143 MS17-010 in your network (github-poc)
• https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsma-20-170-01.json (circl)

…and 7 more exploits

Timeline

• May 19, 2017 PoC Published
• Jun 18, 2020 CVE Published
• Jun 23, 2020 CVE Updated
• Feb 21, 2025 PoC Published

References

• https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsma-20-170-01.json advisory
• https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-170-01 advisory
• https://www.fda.gov/medical-devices/digital-health/cybersecurity url
• https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
• https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B url
• https://www.baxter.com/product-security#additionalresources fix