TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2019-0708

CRITICALCISA KEV
9.8

Beschreibung

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

CVE Details

CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht5/16/2019
Zuletzt geandert10/29/2025
Quellekev
Honeypot-Sichtungen0

CISA KEV

HerstellerMicrosoft
ProduktRemote Desktop Services
SchwachstellennameMicrosoft Remote Desktop Services Remote Code Execution Vulnerability
KEV Aufnahmedatum2021-11-03
Behebungsfrist2022-05-03
Ransomware-NutzungKnown

Betroffene Produkte

huawei:agile_controller-campushuawei:agile_controller-campus_firmwarehuawei:bh620_v2huawei:bh620_v2_firmwarehuawei:bh621_v2huawei:bh621_v2_firmwarehuawei:bh622_v2huawei:bh622_v2_firmwarehuawei:bh640_v2huawei:bh640_v2_firmwarehuawei:ch121huawei:ch121_firmwarehuawei:ch140huawei:ch140_firmwarehuawei:ch220huawei:ch220_firmwarehuawei:ch221huawei:ch221_firmwarehuawei:ch222huawei:ch222_firmwarehuawei:ch240huawei:ch240_firmwarehuawei:ch242huawei:ch242_firmwarehuawei:ch242_v3huawei:ch242_v3_firmwarehuawei:e6000huawei:e6000_chassishuawei:e6000_chassis_firmwarehuawei:e6000_firmwarehuawei:eloghuawei:elog_firmwarehuawei:espace_ecshuawei:espace_ecs_firmwarehuawei:gtsoftx3000huawei:gtsoftx3000_firmwarehuawei:oceanstor_18500huawei:oceanstor_18500_firmwarehuawei:oceanstor_18800huawei:oceanstor_18800_firmwarehuawei:oceanstor_18800fhuawei:oceanstor_18800f_firmwarehuawei:oceanstor_hvs85thuawei:oceanstor_hvs85t_firmwarehuawei:oceanstor_hvs88thuawei:oceanstor_hvs88t_firmwarehuawei:rh1288_v2huawei:rh1288_v2_firmwarehuawei:rh1288a_v2huawei:rh1288a_v2_firmwarehuawei:rh2265_v2huawei:rh2265_v2_firmwarehuawei:rh2268_v2huawei:rh2268_v2_firmwarehuawei:rh2285_v2huawei:rh2285_v2_firmwarehuawei:rh2285h_v2huawei:rh2285h_v2_firmwarehuawei:rh2288_v2huawei:rh2288_v2_firmwarehuawei:rh2288a_v2huawei:rh2288a_v2_firmwarehuawei:rh2288e_v2huawei:rh2288e_v2_firmwarehuawei:rh2288h_v2huawei:rh2288h_v2_firmwarehuawei:rh2485_v2huawei:rh2485_v2_firmwarehuawei:rh5885_v2huawei:rh5885_v2_firmwarehuawei:rh5885_v3huawei:rh5885_v3_firmwarehuawei:seco_vsmhuawei:seco_vsm_firmwarehuawei:smc2.0huawei:smc2.0_firmwarehuawei:umahuawei:uma_firmwarehuawei:x6000huawei:x6000_firmwarehuawei:x8000huawei:x8000_firmwaremicrosoft:windows_7microsoft:windows_server_2008siemens:aptiosiemens:aptio_firmwaresiemens:atellica_solutionsiemens:atellica_solution_firmwaresiemens:axiom_multix_msiemens:axiom_multix_m_firmwaresiemens:axiom_vertix_md_traumasiemens:axiom_vertix_md_trauma_firmwaresiemens:axiom_vertix_solitaire_msiemens:axiom_vertix_solitaire_m_firmwaresiemens:centralinksiemens:centralink_firmwaresiemens:lantissiemens:lantis_firmwaresiemens:mobilett_xp_digitalsiemens:mobilett_xp_digital_firmwaresiemens:multix_prosiemens:multix_pro_acsssiemens:multix_pro_acss_firmwaresiemens:multix_pro_acss_psiemens:multix_pro_acss_p_firmwaresiemens:multix_pro_firmwaresiemens:multix_pro_navysiemens:multix_pro_navy_firmwaresiemens:multix_pro_psiemens:multix_pro_p_firmwaresiemens:multix_swingsiemens:multix_swing_firmwaresiemens:multix_topsiemens:multix_top_acsssiemens:multix_top_acss_firmwaresiemens:multix_top_acss_psiemens:multix_top_acss_p_firmwaresiemens:multix_top_firmwaresiemens:multix_top_psiemens:multix_top_p_firmwaresiemens:rapidpoint_500siemens:rapidpoint_500_firmwaresiemens:streamlabsiemens:streamlab_firmwaresiemens:syngo_lab_process_managersiemens:vertix_solitairesiemens:vertix_solitaire_firmwaresiemens:viva_esiemens:viva_e_firmwaresiemens:viva_twinsiemens:viva_twin_firmware

Schwachen (CWE)

CWE-416CWE-416

Referenzen

http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html(secure@microsoft.com)
http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html(secure@microsoft.com)
http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html(secure@microsoft.com)
http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html(secure@microsoft.com)
http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html(secure@microsoft.com)
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en(secure@microsoft.com)
http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en(secure@microsoft.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf(secure@microsoft.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf(secure@microsoft.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf(secure@microsoft.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf(secure@microsoft.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf(secure@microsoft.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf(secure@microsoft.com)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708(secure@microsoft.com)
http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en(af854a3a-2127-422b-91ae-364da2661108)
http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en(af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.