Published: 11/07/2017 Updated: 03/10/2019

CVSS v2 Base Score: 7.9 | Impact Score: 10 | Exploitability Score: 5.5

CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6

VMScore: 703

Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Windows 10 1607 and Windows Server 2016 allow an malicious user to execute code remotely via a specially crafted WiFi packet aka "HoloLens Remote Code Execution Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 10 1607
microsoft windows server 2016

It's July 2017 – and your expensive HoloLens can be pwned over Wi-Fi

The Register • Shaun Nichols in San Francisco • 11 Jul 2017

Augmented Reality bites. Plus: Update Windows boxes, Flash ASAP

Patch Tuesday Microsoft's HoloLens may only be in the hands of developers, but that hasn't stopped researchers from finding major security holes in the augmented reality headset. Critical fixes for HoloLens were among the 57 CVE-listed flaws Redmond had to address in this month's edition of Patch Tuesday. Of the 57 bugs blasted in various Microsoft products, 19 are listed as critical and 24 could potentially allow for remote code execution. Four vulnerabilities were disclosed publicly before tod...

CVE-2017-8584

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect