CVE-2017-8543

Published: Jun 15, 2017Modified: Apr 22, 2026CISA KEV

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".

Affected (17)

Products: Microsoft: Windows 10 1507, Windows 10 1511, Windows 10 1607, Windows 10 1703, Windows 7, Windows 8.1, Windows Rt 8.1, Windows Server 2008, Windows Server 2012, Windows Server 2016

10 products

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 10 1507	All versions
Microsoft Windows 10 1507	All versions
Microsoft Windows 10 1511	All versions
Microsoft Windows 10 1511	All versions
Microsoft Windows 10 1607	All versions
Microsoft Windows 10 1607	All versions
Microsoft Windows 10 1703	All versions
Microsoft Windows 10 1703	All versions
Microsoft Windows 7	All versions
Microsoft Windows 8.1	All versions
Microsoft Windows Rt 8.1	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2012	All versions
Microsoft Windows Server 2012	Version r2
Microsoft Windows Server 2016	All versions