Jump to content
OpenSecurity.global

Search the Community

Showing results for tags 'cve-2019-1223'.


More search options

  • Search By Tags

    Type tags separated by commas.

  • Search By Author

Content Type


Forums

  • Cybersecurity
    • General Discussion
    • Questions
    • TLP Rainbow
    • Vulnerabilities
  • Dataleaks
    • Publicly disclosed
    • In flight remediation process
  • OpenSecurity.global
  • Privacy's General Discussion
  • Weird malware samples's -- discussion
  • Video game nasties's games games games
  • The Authenticationverse's Topics
  • The Podcast Club's Podcast Discussion
  • Conferences's BlackHat/Defcon/BSidesLV 2019
  • Conferences's EU Conferences
  • Conferences's UK Conferences
  • Conferences's BSides Conferences
  • Conferences's CCC
  • Open Source Intelligence (OSINT)'s OSINT Tools
  • Open Source Intelligence (OSINT)'s Techniques
  • Open Source Intelligence (OSINT)'s War Stories
  • Memes and Shitposting's Meme Safari
  • Reverse Engineering's Discussion
  • Exploit Development's Exploit Dev Chat
  • Security Research's Weekly Questions
  • Security Research's General Discussion
  • Irish Infosec's MeetUps
  • Irish Infosec's Only_In_Ireland
  • Irish Infosec's General Irish Chat
  • Live In a Simulation?'s Arguments for simulation
  • Cyber pets's CYBER PETS FROM THE FUTURE
  • Pond Diplomacy's Topics
  • Blue Team Club's Topics
  • Red Team Club's Topics
  • Pop Culture's Discuss Amazon's The Boys
  • Pop Culture's Disney’s The Lyin King
  • Pop Culture's Free For All
  • Mentoring's Conference Speaking
  • Mentoring's Career Progression
  • Careers's We're Hiring!
  • Careers's I'm Looking!
  • Careers's I want to break in!
  • Careers's CV Help or Career Guidance
  • DFIR's General DFIR
  • DFIR's Tools
  • Incident Response's Incident Response playbooks
  • Login Abuse and ATO Fraud detection/Mitigation techniques.'s Login Abuse and ATO Fraud detection/Mitigation techniques.
  • Yorkshire (UK) InfoSec's Misc Topics
  • Yorkshire (UK) InfoSec's Leeds
  • Yorkshire (UK) InfoSec's Sheffield
  • Colorado InfoSec's Meetups
  • Social Engineering's General SE Fun
  • Social Engineering's Defense
  • Social Engineering's Attacker Techniques
  • GET OFF MY LAWN!'s General Chat
  • Memory Forensics's Resources
  • Memory Forensics's Tools of the trade
  • Memory Forensics's Techniques
  • Memory Forensics's War Stories
  • Memory Forensics's Research
  • Appsec's Topics
  • Washington InfoSec's Security Conferences in or near Washington
  • Intelligence Monitoring Operations's Tradecraft (Tactics + Techniques)
  • Intelligence Monitoring Operations's Monitoring Strategies
  • Intelligence Monitoring Operations's Personas & OPSEC
  • Intelligence Monitoring Operations's Data Breach Leaks

Find results in...

Find results that contain...


Date Created

  • Start

    End

Last Updated

  • Start

    End

Filter by number of...

Joined

  • Start

    End

Group

About Me

Found 1 result

  1. Kevin Beaumont
    CVE-2019-1181: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1181 Pre authentication remote code execution in Remote Desktop Protocol on every version of Windows, including Windows 10, 2012, 2016 and 2019. CVSS 9.7 score. Exploitation more likely than not. CVE-2019-1182: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1182 Pre authentication remote code execution in Remote Desktop Protocol on every version of Windows, including Windows 10, 2012, 2016 and 2019. CVSS 9.7 score. Exploitation more likely than not. CVE-2019-1222: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1222 Pre authentication remote code execution in Remote Desktop Protocol on every version of Windows, including Windows 10, 2012, 2016 and 2019. CVSS 9.8 score. Exploitation more likely than not. CVE-2019-1223: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1223 Unauthenticated denial of service with RDP. All versions. CVE-2019-1224: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1224 Unauthenticated disclosure of memory. CVE-2019-1225: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1225 authenticated disclosure of memory CVE-2019-1226: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1226 Pre authentication remote code execution in Remote Desktop Protocol on every version of Windows, including Windows 10, 2012, 2016 and 2019. CVSS 9.8 score. Exploitation more likely than not. Exploits There are no known public exploits for these issues. Microsoft have built some private exploits. Severity It appears these are a collection of many different and serious vulnerabilities. BlueKeep was one vulnerability in near legacy versions of Windows; these are different vulnerabilities in modern Windows. Mitigations - Enable NLA and leave it enabled for all external and internal systems. This raises exploitation requirements to needing credentials for some of the issues - Some of these vulnerabilities are not exploitable on Windows 7 and 2008 if you haven’t enabled RDP 8+, aka RemoteFX (rich experiences) and the like. These are available by default in later versions of Windows. Wormable? Microsoft say yes: https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/ DejaBlue Funny name by @Michael Norris .
×
×
  • Create New...

Important Information

We use cookies as we're cookie monsters. Privacy Policy

  I accept