← Volver a CVEs
CVE-2017-8543
CRITICALCISA KEV9.8
Descripcion
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado6/15/2017
Ultima modificacion10/22/2025
Fuentekev
Avistamientos honeypot0
CISA KEV
VendedorMicrosoft
ProductoWindows
Nombre vulnerabilidadMicrosoft Windows Search Remote Code Execution Vulnerability
Fecha inclusion KEV2022-05-24
Fecha limite remediacion2022-06-14
Uso en ransomwareUnknown
Productos afectados
microsoft:windows_10_1507microsoft:windows_10_1511microsoft:windows_10_1607microsoft:windows_10_1703microsoft:windows_7microsoft:windows_8.1microsoft:windows_rt_8.1microsoft:windows_server_2008microsoft:windows_server_2012microsoft:windows_server_2016
Debilidades (CWE)
CWE-281CWE-281
Referencias
http://www.securityfocus.com/bid/98824(secure@microsoft.com)
http://www.securitytracker.com/id/1038667(secure@microsoft.com)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543(secure@microsoft.com)
http://www.securityfocus.com/bid/98824(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1038667(af854a3a-2127-422b-91ae-364da2661108)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-8543(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.