EternalBlue (CVE-2017-0144) is a Windows SMBv1 buffer overflow exploit developed by the NSA. It powered WannaCry and NotPetya, causing billions in damages worldwide.

CVE-2017-0144: EternalBlue

HIGH

8.1HIGH

Published: 2017-03-14Affected: Microsoft Windows SMBv1CWE-120 ↗

What is EternalBlue?

A buffer overflow in Microsoft Windows SMBv1 protocol discovered by the NSA and leaked by the Shadow Brokers. Allows remote code execution on unpatched Windows systems via specially crafted SMB packets.

Impact & Exploitation

Powered the WannaCry ransomware attack (200,000+ systems in 150 countries) and NotPetya ($10B+ in damages). Used by multiple nation-state actors.

How Precogs AI Detects EternalBlue

Precogs AI Binary SAST detects SMBv1 protocol usage in compiled Windows applications and firmware, flagging legacy protocol dependencies that should be migrated.

Scan for CVE-2017-0144

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

CVE-2017-0144: EternalBlue

What is EternalBlue?

Impact & Exploitation

How Precogs AI Detects EternalBlue

Precogs Research

Base Score

Tags

Quick Links

Is your system affected?

What is EternalBlue?

Impact & Exploitation

How Precogs AI Detects EternalBlue

Related Resources

🔍 Related CWE Entries

📖 Security Guides

🛡️ Notable Vulnerabilities

🔗 External References

Precogs Research

Base Score

Tags

Quick Links

Is your system affected?