Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.

myhack58 10

githubexploit 73

threatpost 13

symantec 1

talosblog 31

nessus 2

packetstorm 4

cve 1

msrc 8

metasploit 2

ics 3

kitploit 4

huawei 1

openvas 3

mssecure 3

cisa 3

canvas 1

qualysblog 3

prion 1

zdt 5

rapid7blog 1

checkpoint_advisories 1

thn 5

attackerkb 3

carbonblack 2

trellix 4

mscve 1

cisa_kev 1

exploitdb 3

exploitpack 1

f5 1

malwarebytes 1

fireeye 1

krebs 1

trendmicroblog 1

myhack58

CVE-2019-0708: Windows RDP service worms level vulnerability alerts-a vulnerability alert-the black bar safety net

2019-05-15 00:00:00

Worms level vulnerability BlueKeep(CVE-2019-0708) EXP is released-vulnerability warning-the black bar safety net

2019-09-07 00:00:00

Alert Windows RDP remote vulnerability POC propagation-vulnerability warning-the black bar safety net

2019-06-03 00:00:00

githubexploit

Exploit for Use After Free in Microsoft

2019-07-18 08:41:01

Exploit for Use After Free in Microsoft

2019-05-30 13:50:32

Exploit for Use After Free in Microsoft

2019-10-11 20:33:35

threatpost

One Million Devices Open to Wormable Microsoft BlueKeep Flaw

2019-05-28 14:39:54

Working BlueKeep Exploit Developed by DHS

2019-06-18 13:58:29

How to Get a Handle on Patch Management

2019-09-03 18:17:11

symantec

Microsoft Windows Remote Desktop Services CVE-2019-0708 Remote Code Execution Vulnerability

2019-05-14 00:00:00

talosblog

Threat Roundup for December 13 to December 20

2019-12-20 10:07:43

Threat Roundup for September 27 to October 4

2019-10-04 08:37:35

Threat Roundup for September 20 to September 27

2019-09-27 07:22:13

nessus

Microsoft Security Advisory 4500331: Guidance for older platforms (XP / 2003) (BlueKeep)

2019-05-14 00:00:00

Microsoft RDP RCE (CVE-2019-0708) (BlueKeep) (uncredentialed check)

2019-05-22 00:00:00

packetstorm

Microsoft Windows RDP BlueKeep Denial Of Service

2019-07-15 00:00:00

Microsoft Windows Remote Desktop BlueKeep Denial Of Service

2019-05-30 00:00:00

BlueKeep RDP Remote Windows Kernel Use-After-Free

2019-09-23 00:00:00

cve

CVE-2019-0708

2019-05-16 19:29:00

msrc

A Reminder to Update Your Systems to Prevent a Worm

2019-05-31 07:00:00

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)

2019-05-14 17:05:03

A Reminder to Update Your Systems to Prevent a Worm

2019-05-31 07:00:00

metasploit

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

2019-09-19 11:05:08

CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE Check

2019-06-03 21:54:33

ics

Spacelabs Xhibit Telemetry Receiver (XTR)

2020-02-18 12:00:00

Microsoft Operating Systems BlueKeep Vulnerability

2019-06-17 12:00:00

Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment

2023-12-15 12:00:00

kitploit

Pentest Tools Framework - A Database Of Exploits, Scanners And Tools For Penetration Testing

2020-03-12 11:30:00

Ispy - Eternalblue (MS17-010) / Bluekeep (CVE-2019-0708) Scanner And Exploit

2019-10-09 21:00:00

Rdpscan - A Quick Scanner For The CVE-2019-0708 "BlueKeep" Vulnerability

2019-06-19 12:32:00

huawei

Security Advisory - Remote Code Execution Vulnerability in Some Microsoft Windows Systems

2019-05-29 00:00:00

openvas

Microsoft Windows Remote Desktop Service Remote Code Execution Vulnerability (KB4500331)

2019-05-17 00:00:00

Huawei Data Communication: Remote Code Execution Vulnerability in Some Microsoft Windows Systems (huawei-sa-20190529-01-windows)

2020-06-05 00:00:00

Microsoft Windows Remote Desktop Services 'CVE-2019-0708' Remote Code Execution Vulnerability (BlueKeep) - (Remote Active)

2019-07-05 00:00:00

mssecure

Microsoft works with researchers to detect and protect against new RDP exploits

2019-11-07 21:05:30

Best practices for defending Azure Virtual Machines

2020-10-07 16:00:20

Protect against BlueKeep

2019-08-08 16:00:57

cisa

NSA Releases Advisory on BlueKeep Vulnerability

2019-06-04 00:00:00

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability

2019-05-16 00:00:00

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities

2019-08-14 00:00:00

canvas

Immunity Canvas: BLUEKEEP

2019-05-16 19:29:00

qualysblog

BlueKeep Attacks Observed Months after Initial Release

2019-11-04 21:50:34

Blue is a color we love but can’t Keep!

2019-12-20 16:00:59

Windows RDP Remote Code Execution Vulnerability (BlueKeep) – How to Detect and Patch

2019-05-16 02:17:00

prion

Remote code execution

2019-05-16 19:29:00

zdt

Microsoft RDP Remote Code Execution Exploit

2021-06-03 00:00:00

Microsoft Windows - BlueKeep RDP Remote Windows Kernel Use After Free Exploit

2019-09-24 00:00:00

Microsoft Windows 7 (x86) - (BlueKeep) RDP Remote Windows Kernel Use After Free Exploit

2019-11-19 00:00:00

rapid7blog

NICER Protocol Deep Dive: Internet Exposure of Remote Desktop (RDP)

2020-10-23 17:26:31

checkpoint_advisories

Microsoft Remote Desktop Services Remote Code Execution (CVE-2019-0708)

2019-05-19 00:00:00

thn

First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild

2019-11-03 11:02:00

Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw

2019-05-28 12:08:00

New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide

2019-06-07 09:13:00

attackerkb

CVE-2019-0708

2019-05-16 00:00:00

Windows Remote Desktop (RDP) Use-after-free vulnerablility, "Bluekeep"

2019-05-16 00:00:00

Insecure RDP

2020-10-09 00:00:00

carbonblack

Wild Blue Yonder: VMware Carbon Black ThreatSight Dissects BlueKeep Windows Exploit

2019-11-11 16:08:43

How to Use VMware Carbon Black’s Real-Time Endpoint Query to Identify BlueKeep Vulnerability Risk

2020-01-10 17:03:35

trellix

Understanding the Wormable RDP Vulnerability CVE-2019-0708

2019-05-21 00:00:00

Understanding the Wormable RDP Vulnerability CVE-2019-0708

2019-05-21 00:00:00

Securing Space 4.0 – One Small Step or a Giant Leap? - Part 1

2020-09-30 00:00:00

mscve

Remote Desktop Services Remote Code Execution Vulnerability

2019-05-14 07:00:00

cisa_kev

Microsoft Remote Desktop Services Remote Code Execution Vulnerability

2021-11-03 00:00:00

exploitdb

Microsoft Windows 7/2003/2008 RDP - Remote Code Execution

2019-05-22 00:00:00

Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit)

2019-07-15 00:00:00

Microsoft Windows - BlueKeep RDP Remote Windows Kernel Use After Free (Metasploit)

2019-09-24 00:00:00

exploitpack

Microsoft Windows Remote Desktop - BlueKeep Denial of Service (Metasploit)

2019-07-15 00:00:00

K25238311 : Microsoft Remote Desktop Services Remote Code Execution vulnerability CVE-2019-0708

2019-05-16 00:00:00

malwarebytes

Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability

2019-05-15 16:57:16

fireeye

Live off the Land? How About Bringing Your Own Island? An Overview of UNC1945

2020-11-02 00:00:00

krebs

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

2019-05-14 17:11:34

trendmicroblog

This Week in Security News: Trickbots and Infected Containers

2019-05-31 13:05:27

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

Related for MSRC:6899566B4A4ED588B0FAFE129DB77C42