Is CVE-2018-0833 known to be exploited?

48 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Corporation Server Message Block

CVE-2018-0833

The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dere…

EPSS: 0.745 (98.9th percentile) — read the EPSS interpretation.

Affected products

Microsoft Corporation Server Message Block — versions Windows 8.1 and RT 8.1 and Windows Server 2012 R2

Public proof-of-concept exploits

References

102924 (vdb-entry, x_refsource_BID)
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0833 (x_refsource_CONFIRM)
1040375 (vdb-entry, x_refsource_SECTRACK)
github.com/KINGSABRI/CVE-in-Ruby/tree/master/CVE-2018-0833 (x_refsource_MISC)
44189 (exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2018-0833?: CVE-2018-0833 is a vulnerability in Microsoft Corporation Server Message Block. Published 2018-02-15.
Is CVE-2018-0833 known to be exploited?: 48 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.