Vulnerability CVE-2019-0708

Vulnerability CVE-2019-0708

Published: 2019-05-16

Description:

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

See advisories in our WLB2 database:

	Topic	Author	Date
Med.	Microsoft Windows RDP BlueKeep Denial Of Service	Ramella Sebastie...	16.07.2019
Med.	Microsoft Windows Remote Desktop BlueKeep Denial of Service (Metasploit)	RAMELLA Sebastie...	18.07.2019
High	BlueKeep RDP Remote Windows Kernel Use-After-Free	OJ Reeves	24.09.2019
High	Microsoft Windows BlueKeep RDP Remote Windows Kernel Use After Free (Metasploit)	Sean Dillon	25.09.2019
High	Microsoft RDP Remote Code Execution	Johnny Yu	06.06.2021

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
10/10	10/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Microsoft -> Windows 7
Microsoft -> Windows server 2008
Microsoft -> Windows server 2003
Microsoft -> Windows vista
Microsoft -> Windows xp

References:

http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html

http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en

http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en

https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

Vulnerability CVE-2019-0708

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

See advisories in our WLB2 database:

Med.

Microsoft Windows RDP BlueKeep Denial Of Service

Med.

Microsoft Windows Remote Desktop BlueKeep Denial of Service (Metasploit)

High

BlueKeep RDP Remote Windows Kernel Use-After-Free

High

Microsoft Windows BlueKeep RDP Remote Windows Kernel Use After Free (Metasploit)

High

Microsoft RDP Remote Code Execution

CWE-20

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

10/10

10/10

10/10

Remote

Low

No required

Complete

Complete

Complete

Affected software

References: