High severity7.6NVD Advisory· Published Apr 12, 2017· Updated May 13, 2026

CVE-2017-0162

Description

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0163, CVE-2017-0180, and CVE-2017-0181.

Affected products

Microsoft/Windows 104 versions
cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
Microsoft/Windows 8.1
cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*
Microsoft/Windows Server 2012
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Microsoft/Windows Server 2016
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
Microsoft Corporation/Windows Hyper-Vv5
Range: Windows 10, Windows 8.1, Windows Server 2012 R2, and Windows Server 2016

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0162nvdMitigationPatchVendor Advisory
www.securityfocus.com/bid/97461nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038233nvd

News mentions

No linked articles in our index yet.

cvss	0.494
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000