Search the Community
Showing results for tags 'cve-2019-1223'.
Found 1 result
-
CVE-2019-1181: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1181 Pre authentication remote code execution in Remote Desktop Protocol on every version of Windows, including Windows 10, 2012, 2016 and 2019. CVSS 9.7 score. Exploitation more likely than not. CVE-2019-1182: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1182 Pre authentication remote code execution in Remote Desktop Protocol on every version of Windows, including Windows 10, 2012, 2016 and 2019. CVSS 9.7 score. Exploitation more likely than not. CVE-2019-1222: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1222 Pre authentication remote code execution in Remote Desktop Protocol on every version of Windows, including Windows 10, 2012, 2016 and 2019. CVSS 9.8 score. Exploitation more likely than not. CVE-2019-1223: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1223 Unauthenticated denial of service with RDP. All versions. CVE-2019-1224: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1224 Unauthenticated disclosure of memory. CVE-2019-1225: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1225 authenticated disclosure of memory CVE-2019-1226: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1226 Pre authentication remote code execution in Remote Desktop Protocol on every version of Windows, including Windows 10, 2012, 2016 and 2019. CVSS 9.8 score. Exploitation more likely than not. Exploits There are no known public exploits for these issues. Microsoft have built some private exploits. Severity It appears these are a collection of many different and serious vulnerabilities. BlueKeep was one vulnerability in near legacy versions of Windows; these are different vulnerabilities in modern Windows. Mitigations - Enable NLA and leave it enabled for all external and internal systems. This raises exploitation requirements to needing credentials for some of the issues - Some of these vulnerabilities are not exploitable on Windows 7 and 2008 if you haven’t enabled RDP 8+, aka RemoteFX (rich experiences) and the like. These are available by default in later versions of Windows. Wormable? Microsoft say yes: https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/ DejaBlue Funny name by @Michael Norris .
- 30 replies
-
- 3
-
-
-
- seven monkeys
- vulnerability
- (and 7 more)