CVE-2017-6517

high-risk
Published 2017-03-23

Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded by Skype. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.The specific flaw exists within the handling of DLL (api-ms-win-core-winrt-string-l1-1-0.dll) loading by the Skype.exe process.

Do I need to act?

!
19.7% chance of exploitation in next 30 days
EPSS score — higher than 80% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Skype

Affected Vendors

Microsoft

References (14)

Exploit http://packetstormsecurity.com/files/141650/Skype-7.16.0.102-DLL-Hijacking.html
Mailing List http://seclists.org/fulldisclosure/2017/Mar/44
Third Party Advisory http://www.securityfocus.com/bid/96969
http://www.securitytracker.com/id/1038209
Not Applicable https://technet.microsoft.com/security/cc308575.aspx
Press/Media Coverage https://twitter.com/tiger_tigerboy/status/755332687141883904
Press/Media Coverage https://twitter.com/vysecurity/status/845013670103003138
Exploit http://packetstormsecurity.com/files/141650/Skype-7.16.0.102-DLL-Hijacking.html
Mailing List http://seclists.org/fulldisclosure/2017/Mar/44
Third Party Advisory http://www.securityfocus.com/bid/96969
http://www.securitytracker.com/id/1038209
Not Applicable https://technet.microsoft.com/security/cc308575.aspx
Press/Media Coverage https://twitter.com/tiger_tigerboy/status/755332687141883904
Press/Media Coverage https://twitter.com/vysecurity/status/845013670103003138
51
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 14/34 · Moderate
Exposure 5/34 · Minimal