Intrusion.Win.EternalRomance

Detect Date 12/13/2019
Class Intrusion
Platform Win
Description

The Intrusion.Win.EternalRomance attack is aimed at the SMBv1 server in Windows. This attack allows the intruder to execute arbitrary program code remotely. The attack uses the CVE-2017-0145 vulnerability that was fixed in the MS17-010 security bulletin (https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010).