CVE-2019-0708

Warning

Exploit

EPSS 94.45%
Published 16.05.2019 19:29:00
Last modified 07.04.2025 18:22:06
Source secure@microsoft.com
Teams watchlist Login
Open Login

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

Affected products Warnungen 1 Metrics 4 CWE 1 References 17

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 7 Version- Updatesp1

Microsoft ≫ Windows Server 2008 Version- Updatesp2

Microsoft ≫ Windows Server 2008 Versionr2 Updatesp1

Siemens ≫ Axiom Multix M Firmware

Siemens ≫ Axiom Multix M Version-

Siemens ≫ Axiom Vertix Md Trauma Firmware

Siemens ≫ Axiom Vertix Md Trauma Version-

Siemens ≫ Axiom Vertix Solitaire M Firmware

Siemens ≫ Axiom Vertix Solitaire M Version-

Siemens ≫ Mobilett Xp Digital Firmware

Siemens ≫ Mobilett Xp Digital Version-

Siemens ≫ Multix Pro Acss P Firmware

Siemens ≫ Multix Pro Acss P Version-

Siemens ≫ Multix Pro P Firmware

Siemens ≫ Multix Pro P Version-

Siemens ≫ Multix Pro Firmware

Siemens ≫ Multix Pro Version-

Siemens ≫ Multix Pro Acss Firmware

Siemens ≫ Multix Pro Acss Version-

Siemens ≫ Multix Pro Navy Firmware

Siemens ≫ Multix Pro Navy Version-

Siemens ≫ Multix Swing Firmware

Siemens ≫ Multix Swing Version-

Siemens ≫ Multix Top Firmware

Siemens ≫ Multix Top Version-

Siemens ≫ Multix Top Acss Firmware

Siemens ≫ Multix Top Acss Version-

Siemens ≫ Multix Top P Firmware

Siemens ≫ Multix Top P Version-

Siemens ≫ Multix Top Acss P Firmware

Siemens ≫ Multix Top Acss P Version-

Siemens ≫ Vertix Solitaire Firmware

Siemens ≫ Vertix Solitaire Version-

Siemens ≫ Atellica Solution Firmware

Siemens ≫ Atellica Solution Version-

Siemens ≫ Aptio Firmware

Siemens ≫ Aptio Version-

Siemens ≫ Streamlab Firmware

Siemens ≫ Streamlab Version-

Siemens ≫ Centralink Firmware

Siemens ≫ Centralink Version-

Siemens ≫ Viva E Firmware

Siemens ≫ Viva E Version-

Siemens ≫ Viva Twin Firmware

Siemens ≫ Viva Twin Version-

Siemens ≫ Syngo Lab Process Manager

Siemens ≫ Rapidpoint 500 Firmware Version <= 2.3.2

Siemens ≫ Rapidpoint 500 Version-

Siemens ≫ Lantis Firmware

Siemens ≫ Lantis Version-

Huawei ≫ Agile Controller-campus Firmware Versionv100r002c00

Huawei ≫ Agile Controller-campus Version-

Huawei ≫ Agile Controller-campus Firmware Versionv100r002c10

Huawei ≫ Agile Controller-campus Version-

Huawei ≫ Bh620 V2 Firmware Versionv100r002c00

Huawei ≫ Bh620 V2 Version-

Huawei ≫ Bh621 V2 Firmware Versionv100r002c00

Huawei ≫ Bh621 V2 Version-

Huawei ≫ Bh622 V2 Firmware Versionv100r001c00

Huawei ≫ Bh622 V2 Version-

Huawei ≫ Bh640 V2 Firmware Versionv100r002c00

Huawei ≫ Bh640 V2 Version-

Huawei ≫ Ch121 Firmware Versionv100r001c00

Huawei ≫ Ch121 Version-

Huawei ≫ Ch140 Firmware Versionv100r001c00

Huawei ≫ Ch140 Version-

Huawei ≫ Ch220 Firmware Versionv100r001c00

Huawei ≫ Ch220 Version-

Huawei ≫ Ch221 Firmware Versionv100r001c00

Huawei ≫ Ch221 Version-

Huawei ≫ Ch222 Firmware Versionv100r002c00

Huawei ≫ Ch222 Version-

Huawei ≫ Ch240 Firmware Versionv100r001c00

Huawei ≫ Ch240 Version-

Huawei ≫ Ch242 Firmware Versionv100r001c00

Huawei ≫ Ch242 Version-

Huawei ≫ Ch242 V3 Firmware Versionv100r001c00

Huawei ≫ Ch242 V3 Version-

Huawei ≫ E6000 Firmware Versionv100r002c00

Huawei ≫ E6000 Version-

Huawei ≫ E6000 Chassis Firmware Versionv100r001c00

Huawei ≫ E6000 Chassis Version-

Huawei ≫ Gtsoftx3000 Firmware Versionv200r001c01spc100

Huawei ≫ Gtsoftx3000 Version-

Huawei ≫ Gtsoftx3000 Firmware Versionv200r002c00spc300

Huawei ≫ Gtsoftx3000 Version-

Huawei ≫ Gtsoftx3000 Firmware Versionv200r002c10spc100

Huawei ≫ Gtsoftx3000 Version-

Huawei ≫ Oceanstor 18500 Firmware Versionv100r001c30spc300

Huawei ≫ Oceanstor 18500 Version-

Huawei ≫ Oceanstor 18800 Firmware Versionv100r001c30spc300

Huawei ≫ Oceanstor 18800 Version-

Huawei ≫ Oceanstor 18800f Firmware Versionv100r001c30spc300

Huawei ≫ Oceanstor 18800f Version-

Huawei ≫ Oceanstor Hvs85t Firmware Versionv100r001c00

Huawei ≫ Oceanstor Hvs85t Version-

Huawei ≫ Oceanstor Hvs85t Firmware Versionv100r001c30spc200

Huawei ≫ Oceanstor Hvs85t Version-

Huawei ≫ Oceanstor Hvs88t Firmware Versionv100r001c00

Huawei ≫ Oceanstor Hvs88t Version-

Huawei ≫ Oceanstor Hvs88t Firmware Versionv100r001c30spc200

Huawei ≫ Oceanstor Hvs88t Version-

Huawei ≫ Rh1288 V2 Firmware Versionv100r002c00

Huawei ≫ Rh1288 V2 Version-

Huawei ≫ Rh1288a V2 Firmware Versionv100r002c00

Huawei ≫ Rh1288a V2 Version-

Huawei ≫ Rh2265 V2 Firmware Versionv100r002c00

Huawei ≫ Rh2265 V2 Version-

Huawei ≫ Rh2268 V2 Firmware Versionv100r002c00

Huawei ≫ Rh2268 V2 Version-

Huawei ≫ Rh2285 V2 Firmware Versionv100r002c00

Huawei ≫ Rh2285 V2 Version-

Huawei ≫ Rh2285h V2 Firmware Versionv100r002c00

Huawei ≫ Rh2285h V2 Version-

Huawei ≫ Rh2288 V2 Firmware Versionv100r002c00

Huawei ≫ Rh2288 V2 Version-

Huawei ≫ Rh2288a V2 Firmware Versionv100r002c00

Huawei ≫ Rh2288a V2 Version-

Huawei ≫ Rh2288e V2 Firmware Versionv100r002c00

Huawei ≫ Rh2288e V2 Version-

Huawei ≫ Rh2288h V2 Firmware Versionv100r002c00

Huawei ≫ Rh2288h V2 Version-

Huawei ≫ Rh2485 V2 Firmware Versionv100r002c00

Huawei ≫ Rh2485 V2 Version-

Huawei ≫ Rh5885 V2 Firmware Versionv100r001c00

Huawei ≫ Rh5885 V2 Version-

Huawei ≫ Rh5885 V3 Firmware Versionv100r003c00

Huawei ≫ Rh5885 V3 Version-

Huawei ≫ Smc2.0 Firmware Versionv500r002c00

Huawei ≫ Smc2.0 Version-

Huawei ≫ Smc2.0 Firmware Versionv600r006c00

Huawei ≫ Smc2.0 Version-

Huawei ≫ Seco Vsm Firmware Versionv200r002c00

Huawei ≫ Seco Vsm Version-

Huawei ≫ Uma Firmware Versionv200r001c00

Huawei ≫ Uma Version-

Huawei ≫ Uma Firmware Versionv300r001c00

Huawei ≫ Uma Version-

Huawei ≫ X6000 Firmware Versionv100r002c00

Huawei ≫ X6000 Version-

Huawei ≫ X8000 Firmware Versionv100r002c20

Huawei ≫ X8000 Version-

Huawei ≫ Elog Firmware Versionv200r003c10

Huawei ≫ Elog Version-

Huawei ≫ Espace Ecs Firmware Versionv300r001c00

Huawei ≫ Espace Ecs Version-

03.11.2021: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Remote Desktop Services Remote Code Execution Vulnerability

Vulnerability

Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests. Successful exploitation allows for remote code execution. The vulnerability is also known under the moniker of BlueKeep.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	94.45%	1

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html

Third Party Advisory

Exploit

VDB Entry

http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html

Third Party Advisory

Exploit

VDB Entry

http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html

Third Party Advisory

Exploit

VDB Entry