The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."
Threat-Mapped Scoring
Score: 1.5
Priority: P4 - Informational (Low)
EPSS
Score: 0.00404Percentile:
0.60098
CVSS Scoring
CVSS v3.1 Score: 5.5
Severity: MEDIUM
Mapped CWE(s)
CWE-667
: Improper Locking
All CAPEC(s)
CAPEC-25 : Forced Deadlock
CAPEC-26 : Leveraging Race Conditions
CAPEC-27 : Leveraging Race Conditions via Symbolic Links
CAPEC(s) with Mapped TTPs
CAPEC-25 : Forced Deadlock
Mapped TTPs:
T1499.004
: Application or System Exploitation
Mapped ATT&CK TTPs
T1499.004
: Application or System Exploitation
Kill Chain: impact
Malware
APTs Threat Group Associations
Campaigns
Affected Products
cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:itanium:*
cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_2003_server:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:-:sp1:*:*:*:*:itanium:*
cpe:2.3:o:microsoft:windows_xp:-:*:*:*:professional:*:x64:*
cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me