Vulnerability-Lookup

BDU:2019-01846

Vulnerability from fstec - Published: 16.05.2019

Title

Уязвимость службы удаленного рабочего стола Remote Desktop Services (RDS) операционных систем Windows, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость службы удаленного рабочего стола Remote Desktop Services (RDS) операционных систем Windows связана с ошибками обработки запросов. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо,выполнить произвольный код с помощью специально созданного RDP-запроса

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Intel Corp., Siemens AG

Software Name

Intel Pentium, Intel Celeron, SIMATIC IPC427C, SIMATIC IPC477C, SINUMERIK 840D sl, SINUMERIK TCU 30.3, SINUMERIK PCU 50.5, 8th Generation Intel Core, 8th Generation Intel Core i7, 5th Generation Intel Core, 9th Generation Intel Core, 4th Generation Intel Core, 3th Generation Intel Core, 6th Generation Intel Core, Legacy Intel Celeron, Legacy Intel Core, Legacy Intel Pentium, Intel Xeon E3, Intel Puma, Intel Atom C Series, Intel Pentium Silver Series, Intel Xeon E5 v3, Intel Xeon E7 v3, Intel Xeon E3 v3, Intel Xeon E Series, Intel Pentium Gold Series, Intel Celeron G Series, Intel Pentium J Series, Intel Pentium N Series, Intel Celeron J Series, Intel Celeron N Series, Intel Atom A Series, Intel Atom E3900 Series, Intel Xeon D, Intel Core X-series, Intel Xeon E5 v4, Intel Xeon E7 v4, Intel Xeon E3 v4, Intel Atom X series, Intel Xeon E5 v2, Intel Xeon E7 v2, Intel Xeon E3 v2, Intel Xeon E3 v6, Intel Xeon E5, Intel Xeon Scalable, Intel Xeon E3 v5, Intel Celeron W, Intel Atom Z series, Intel Atom E3800 Series, Intel Mobile Communications Platforms, SIMATIC Field PG M4, SIMATIC Field PG M5, SIMATIC Field PG M6, SIMATIC IPC377E, SIMATIC IPC347E, SIMATIC IPC327E, SIMATIC IPC427D, SIMATIC IPC427E, SIMATIC IPC477D, SIMATIC IPC477E, SIMATIC IPC477E Pro, SIMATIC IPC547E, SIMATIC IPC547G, SIMATIC IPC627C, SIMATIC IPC627D, SIMATIC IPC647C, SIMATIC IPC647D, SIMATIC IPC677C, SIMATIC IPC677D, SIMATIC IPC827C, SIMATIC IPC827D, SIMATIC IPC847C, SIMATIC IPC847D, SIMATIC IPC847E, SIMATIC IPC677E, SIMATIC IPC627E, SIMATIC IPC527G, SIMATIC IPC127E, SIMATIC IPC2X7E, SIMATIC IPC3000 SMART V2, SIMATIC ITP1000, SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP, SIMOTION P320-4E, SIMOTION P320-4S, SINUMERIK Panels with integrated TCU

Software Version

- (Intel Pentium), - (Intel Celeron), - (SIMATIC IPC427C), - (SIMATIC IPC477C), - (SINUMERIK 840D sl), - (SINUMERIK TCU 30.3), - (SINUMERIK PCU 50.5), - (8th Generation Intel Core), - (8th Generation Intel Core i7), - (5th Generation Intel Core), - (9th Generation Intel Core), - (4th Generation Intel Core), - (3th Generation Intel Core), - (6th Generation Intel Core), - (Legacy Intel Celeron), - (Legacy Intel Core), - (Legacy Intel Pentium), - (Intel Xeon E3), - (Intel Puma), - (Intel Atom C Series), - (Intel Pentium Silver Series), - (Intel Xeon E5 v3), - (Intel Xeon E7 v3), - (Intel Xeon E3 v3), - (Intel Xeon E Series), - (Intel Pentium Gold Series), - (Intel Celeron G Series), - (Intel Pentium J Series), - (Intel Pentium N Series), - (Intel Celeron J Series), - (Intel Celeron N Series), - (Intel Atom A Series), - (Intel Atom E3900 Series), - (Intel Xeon D), - (Intel Core X-series), - (Intel Xeon E5 v4), - (Intel Xeon E7 v4), - (Intel Xeon E3 v4), - (Intel Atom X series), - (Intel Xeon E5 v2), - (Intel Xeon E7 v2), - (Intel Xeon E3 v2), - (Intel Xeon E3 v6), - (Intel Xeon E5), - (Intel Xeon Scalable), - (Intel Xeon E3 v5), - (Intel Celeron W), - (Intel Atom Z series), - (Intel Atom E3800 Series), - (Intel Mobile Communications Platforms), - (SIMATIC Field PG M4), - (SIMATIC Field PG M5), - (SIMATIC Field PG M6), - (SIMATIC IPC377E), - (SIMATIC IPC347E), - (SIMATIC IPC327E), - (SIMATIC IPC427D), до 21.01.11 (SIMATIC IPC427E), - (SIMATIC IPC477D), до 21.01.11 (SIMATIC IPC477E), до 21.01.11 (SIMATIC IPC477E Pro), - (SIMATIC IPC547E), - (SIMATIC IPC547G), - (SIMATIC IPC627C), - (SIMATIC IPC627D), - (SIMATIC IPC647C), - (SIMATIC IPC647D), - (SIMATIC IPC677C), - (SIMATIC IPC677D), - (SIMATIC IPC827C), - (SIMATIC IPC827D), - (SIMATIC IPC847C), - (SIMATIC IPC847D), до 25.02.04 (SIMATIC IPC847E), до 25.02.04 (SIMATIC IPC677E), до 25.02.04 (SIMATIC IPC627E), - (SIMATIC IPC527G), - (SIMATIC IPC127E), - (SIMATIC IPC2X7E), - (SIMATIC IPC3000 SMART V2), - (SIMATIC ITP1000), - (SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP), - (SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP), - (SIMOTION P320-4E), - (SIMOTION P320-4S), - (SINUMERIK Panels with integrated TCU)

Possible Mitigations

Для ОС Windows использование рекомендаций: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 Для Sensis SIS Server Machine, Mat. Nr. 06648153 VC11D, VC12M, VD11B, Sensis SIS Server Machine, Mat. Nr. 10140973 VC11D, VC12M, SENSIS Dell High-End Server (VC12), Mat. Nr. 10910620 VC12M и VM SIS Virtual Server, Mat. Nr. 10765502 VC12M до AX037/19/P Для Sensis SIS Server Machine, Mat. Nr. 06648153 VC11C и Sensis SIS Server Machine, Mat. Nr. 10140973 VC11C, до VC11D для последующего обновления до AX037/19/P Для Sensis SIS Server Machine, Mat. Nr. 06648153 VC12B/C, VC12L, Sensis SIS Server Machine, Mat. Nr. 10140973 VC1B/C, VC12L, SENSIS Dell High-End Server (VC12), Mat. Nr. 10910620 VC12B/C, VC12L и VM SIS Virtual Server, Mat. Nr. 10765502 VC12L до VC12M для последующего обновления до AX037/19/P Для Sensis SIS Server Machine, Mat. Nr. 06648153 VD11A до VD11B для последующего обновления до AX037/19/P Для Atellica COAG 360 использование рекомендаций: https://doclib.healthcare.siemens.com/home Для Atellica NEPH 630 использование рекомендаций: https://doclib.healthcare.siemens.com/home Для BCS XP использование рекомендаций: https://doclib.healthcare.siemens.com/home Для BN ProSpec использование рекомендаций: https://doclib.healthcare.siemens.com/home Для CS 2000, CS 2100, CS 2500, CS 5100 компенсирующие меры: Блокировка порта 3389/TCP Настроить процедуры резервного копирования и восстановления системы Защитить внешнюю среду в соответствии с рекомендациями Microsoft Для SYSTEM ACOM.NET, Mat. Nr. 04815549, System ACOM.net 2.0, Mat. Nr. 05568386 и System ACOM-Net, Mat. Nr. 5903872 VC20A, VC21B, VC22B, VX22A: Отключить обновления протокола удаленного рабочего стола

Reference

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708 https://nvd.nist.gov/vuln/detail/CVE-2019-0708 https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf https://doclib.healthcare.siemens.com/home

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Intel Corp., Siemens AG",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Intel Pentium), - (Intel Celeron), - (SIMATIC IPC427C), - (SIMATIC IPC477C), - (SINUMERIK 840D sl), - (SINUMERIK TCU 30.3), - (SINUMERIK PCU 50.5), - (8th Generation Intel Core), - (8th Generation Intel Core i7), - (5th Generation Intel Core), - (9th Generation Intel Core), - (4th Generation Intel Core), - (3th Generation Intel Core), - (6th Generation Intel Core), - (Legacy Intel Celeron), - (Legacy Intel Core), - (Legacy Intel Pentium), - (Intel Xeon E3), - (Intel Puma), - (Intel Atom C Series), - (Intel Pentium Silver Series), - (Intel Xeon E5 v3), - (Intel Xeon E7 v3), - (Intel Xeon E3 v3), - (Intel Xeon E Series), - (Intel Pentium Gold Series), - (Intel Celeron G Series), - (Intel Pentium J Series), - (Intel Pentium N Series), - (Intel Celeron J Series), - (Intel Celeron N Series), - (Intel Atom A Series), - (Intel Atom E3900 Series), - (Intel Xeon D), - (Intel Core X-series), - (Intel Xeon E5 v4), - (Intel Xeon E7 v4), - (Intel Xeon E3 v4), - (Intel Atom X series), - (Intel Xeon E5 v2), - (Intel Xeon E7 v2), - (Intel Xeon E3 v2), - (Intel Xeon E3 v6), - (Intel Xeon E5), - (Intel Xeon Scalable), - (Intel Xeon E3 v5), - (Intel Celeron W), - (Intel Atom Z series), - (Intel Atom E3800 Series), - (Intel Mobile Communications Platforms), - (SIMATIC Field PG M4), - (SIMATIC Field PG M5), - (SIMATIC Field PG M6), - (SIMATIC IPC377E), - (SIMATIC IPC347E), - (SIMATIC IPC327E), - (SIMATIC IPC427D), \u0434\u043e 21.01.11 (SIMATIC IPC427E), - (SIMATIC IPC477D), \u0434\u043e 21.01.11 (SIMATIC IPC477E), \u0434\u043e 21.01.11 (SIMATIC IPC477E Pro), - (SIMATIC IPC547E), - (SIMATIC IPC547G), - (SIMATIC IPC627C), - (SIMATIC IPC627D), - (SIMATIC IPC647C), - (SIMATIC IPC647D), - (SIMATIC IPC677C), - (SIMATIC IPC677D), - (SIMATIC IPC827C), - (SIMATIC IPC827D), - (SIMATIC IPC847C), - (SIMATIC IPC847D), \u0434\u043e 25.02.04 (SIMATIC IPC847E), \u0434\u043e 25.02.04 (SIMATIC IPC677E), \u0434\u043e 25.02.04 (SIMATIC IPC627E), - (SIMATIC IPC527G), - (SIMATIC IPC127E), - (SIMATIC IPC2X7E), - (SIMATIC IPC3000 SMART V2), - (SIMATIC ITP1000), - (SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP), - (SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP), - (SIMOTION P320-4E), - (SIMOTION P320-4S), - (SINUMERIK Panels with integrated TCU)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f \u041e\u0421 Windows \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\n\n\u0414\u043b\u044f Sensis SIS Server Machine, Mat. Nr. 06648153 VC11D, VC12M, VD11B, Sensis SIS Server Machine, Mat. Nr. 10140973 VC11D, VC12M, SENSIS Dell High-End Server (VC12), Mat. Nr. 10910620 VC12M \u0438 VM SIS Virtual Server, Mat. Nr. 10765502 VC12M \u0434\u043e AX037/19/P\n\u0414\u043b\u044f Sensis SIS Server Machine, Mat. Nr. 06648153 VC11C \u0438 Sensis SIS Server Machine, Mat. Nr. 10140973 VC11C, \u0434\u043e VC11D \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e AX037/19/P\n\u0414\u043b\u044f Sensis SIS Server Machine, Mat. Nr. 06648153 VC12B/C, VC12L, Sensis SIS Server Machine, Mat. Nr. 10140973 VC1B/C, VC12L, SENSIS Dell High-End Server (VC12), Mat. Nr. 10910620 VC12B/C, VC12L \u0438 VM SIS Virtual Server, Mat. Nr. 10765502 VC12L  \u0434\u043e VC12M \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e  AX037/19/P\n\u0414\u043b\u044f Sensis SIS Server Machine, Mat. Nr. 06648153 VD11A \u0434\u043e VD11B \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e AX037/19/P\n\u0414\u043b\u044f Atellica COAG 360 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://doclib.healthcare.siemens.com/home\n\u0414\u043b\u044f Atellica NEPH 630 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://doclib.healthcare.siemens.com/home\n\u0414\u043b\u044f BCS XP \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://doclib.healthcare.siemens.com/home\n\u0414\u043b\u044f BN ProSpec \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://doclib.healthcare.siemens.com/home\n\n\u0414\u043b\u044f CS 2000, CS 2100, CS 2500, CS 5100 \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b: \n\u0411\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 \u043f\u043e\u0440\u0442\u0430 3389/TCP\n\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b\n\u0417\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0432\u043d\u0435\u0448\u043d\u044e\u044e \u0441\u0440\u0435\u0434\u0443 \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 Microsoft\n\n\u0414\u043b\u044f SYSTEM ACOM.NET, Mat. Nr. 04815549, System ACOM.net 2.0, Mat. Nr. 05568386 \u0438 System ACOM-Net, Mat. Nr. 5903872   VC20A, VC21B, VC22B, VX22A:\n\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.05.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "31.05.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-01846",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-0708",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Intel Pentium, Intel Celeron, SIMATIC IPC427C, SIMATIC IPC477C, SINUMERIK 840D sl, SINUMERIK TCU 30.3, SINUMERIK PCU 50.5, 8th Generation Intel Core, 8th Generation Intel Core i7, 5th Generation Intel Core, 9th Generation Intel Core, 4th Generation Intel Core, 3th Generation Intel Core, 6th Generation Intel Core, Legacy Intel Celeron, Legacy Intel Core, Legacy Intel Pentium, Intel Xeon E3, Intel Puma, Intel Atom C Series, Intel Pentium Silver Series, Intel Xeon E5 v3, Intel Xeon E7 v3, Intel Xeon E3 v3, Intel Xeon E Series, Intel Pentium Gold Series, Intel Celeron G Series, Intel Pentium J Series, Intel Pentium N Series, Intel Celeron J Series, Intel Celeron N Series, Intel Atom A Series, Intel Atom E3900 Series, Intel Xeon D, Intel Core X-series, Intel Xeon E5 v4, Intel Xeon E7 v4, Intel Xeon E3 v4, Intel Atom X series, Intel Xeon E5 v2, Intel Xeon E7 v2, Intel Xeon E3 v2, Intel Xeon E3 v6, Intel Xeon E5, Intel Xeon Scalable, Intel Xeon E3 v5, Intel Celeron W, Intel Atom Z series, Intel Atom E3800 Series, Intel Mobile Communications Platforms, SIMATIC Field PG M4, SIMATIC Field PG M5, SIMATIC Field PG M6, SIMATIC IPC377E, SIMATIC IPC347E, SIMATIC IPC327E, SIMATIC IPC427D, SIMATIC IPC427E, SIMATIC IPC477D, SIMATIC IPC477E, SIMATIC IPC477E Pro, SIMATIC IPC547E, SIMATIC IPC547G, SIMATIC IPC627C, SIMATIC IPC627D, SIMATIC IPC647C, SIMATIC IPC647D, SIMATIC IPC677C, SIMATIC IPC677D, SIMATIC IPC827C, SIMATIC IPC827D, SIMATIC IPC847C, SIMATIC IPC847D, SIMATIC IPC847E, SIMATIC IPC677E, SIMATIC IPC627E, SIMATIC IPC527G, SIMATIC IPC127E, SIMATIC IPC2X7E, SIMATIC IPC3000 SMART V2, SIMATIC ITP1000, SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP, SIMOTION P320-4E, SIMOTION P320-4S, SINUMERIK Panels with integrated TCU",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows 7 Service Pack 1 - 64-bit, Microsoft Corp Windows 7 Service Pack 1 - 32-bit, Microsoft Corp Windows Server 2008 R2 Service Pack 1 - , Microsoft Corp Windows Server 2008 Service Pack 2 - , Microsoft Corp Windows Server 2008 Service Pack 2 (Server Core Installation) - ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 Remote Desktop Services (RDS) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 Remote Desktop Services (RDS) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e,\u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e RDP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Blue Keeper\n\u041f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Siemens AG: Atellica COAG 360, Atellica NEPH 630, BCS XP, BN ProSpec, CS 2000, CS 2100, CS 2500, CS 5100, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 Windows 7 \u0438\u043b\u0438 Windows XP",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-0708\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\nhttps://doclib.healthcare.siemens.com/home",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0410\u0421\u0423 \u0422\u041f, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0410\u0421\u0423 \u0422\u041f",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

CVE-2019-0708 (GCVE-0-2019-0708)

Vulnerability from cvelistv5 – Published: 2019-05-16 18:17 – Updated: 2025-10-21 23:45

Summary

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Remote Code Execution

Assigner

microsoft

References

URL

Tags

	https://portal.msrc.microsoft.com/en-US/security-…	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	http://www.huawei.com/en/psirt/security-advisorie…	x_refsource_CONFIRM
	http://www.huawei.com/en/psirt/security-notices/h…	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/153133/Micro…	x_refsource_MISC
	http://packetstormsecurity.com/files/153627/Micro…	x_refsource_MISC
	http://packetstormsecurity.com/files/154579/BlueK…	x_refsource_MISC
	http://packetstormsecurity.com/files/155389/Micro…	x_refsource_MISC
	http://packetstormsecurity.com/files/162960/Micro…	x_refsource_MISC

Impacted products

Vendor

Product

Version

Microsoft

Windows

Affected: 7 for 32-bit Systems Service Pack 1
Affected: 7 for x64-based Systems Service Pack 1

Microsoft

Windows Server

Affected: 2008 R2 for x64-based Systems Service Pack 1 (Core installation)
Affected: 2008 R2 for Itanium-Based Systems Service Pack 1
Affected: 2008 R2 for x64-based Systems Service Pack 1
Affected: 2008 for 32-bit Systems Service Pack 2 (Core installation)
Affected: 2008 for Itanium-Based Systems Service Pack 2
Affected: 2008 for 32-bit Systems Service Pack 2
Affected: 2008 for x64-based Systems Service Pack 2
Affected: 2008 for x64-based Systems Service Pack 2 (Core installation)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:51:27.186Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2019-0708",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T16:17:22.676231Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:45:37.137Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00.000Z",
            "value": "CVE-2019-0708 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Windows",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "7 for 32-bit Systems Service Pack 1"
            },
            {
              "status": "affected",
              "version": "7 for x64-based Systems Service Pack 1"
            }
          ]
        },
        {
          "product": "Windows Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
            },
            {
              "status": "affected",
              "version": "2008 R2 for Itanium-Based Systems Service Pack 1"
            },
            {
              "status": "affected",
              "version": "2008 R2 for x64-based Systems Service Pack 1"
            },
            {
              "status": "affected",
              "version": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
            },
            {
              "status": "affected",
              "version": "2008 for Itanium-Based Systems Service Pack 2"
            },
            {
              "status": "affected",
              "version": "2008 for 32-bit Systems Service Pack 2"
            },
            {
              "status": "affected",
              "version": "2008 for x64-based Systems Service Pack 2"
            },
            {
              "status": "affected",
              "version": "2008 for x64-based Systems Service Pack 2 (Core installation)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-03T17:06:16.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2019-0708",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7 for 32-bit Systems Service Pack 1"
                          },
                          {
                            "version_value": "7 for x64-based Systems Service Pack 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
                          },
                          {
                            "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
                          },
                          {
                            "version_value": "2008 R2 for x64-based Systems Service Pack 1"
                          },
                          {
                            "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
                          },
                          {
                            "version_value": "2008 for Itanium-Based Systems Service Pack 2"
                          },
                          {
                            "version_value": "2008 for 32-bit Systems Service Pack 2"
                          },
                          {
                            "version_value": "2008 for x64-based Systems Service Pack 2"
                          },
                          {
                            "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Microsoft"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
              "refsource": "MISC",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
            },
            {
              "name": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2019-0708",
    "datePublished": "2019-05-16T18:17:00.000Z",
    "dateReserved": "2018-11-26T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:45:37.137Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2019-01846

CVE-2019-0708 (GCVE-0-2019-0708)

Tags

Sightings

Nomenclature