Today Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities, CVE-2019-1181 and CVE-2019-1182. Like the previously-fixed ‘BlueKeep’ vulnerability (CVE-2019-0708), these two vulnerabilities are also ‘wormable’, meaning that any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction.

myhack58 10

talosblog 31

cisa 3

msrc 8

krebs 1

kaspersky 1

attackerkb 4

prion 5

cve 5

thn 4

openvas 4

huawei 2

symantec 2

githubexploit 71

threatpost 9

nessus 2

ics 2

packetstorm 4

metasploit 2

kitploit 4

mssecure 3

mscve 3

checkpoint_advisories 2

qualysblog 3

carbonblack 1

trellix 2

cisa_kev 1

exploitdb 1

canvas 1

zdt 5

rapid7blog 1

exploitpack 1

f5 1

myhack58

Windows Remote Desktop Services remote command execution vulnerability, CVE-2019-1181/1182-a vulnerability warning-the black bar safety net

2019-08-14 00:00:00

CVE-2019-0708: Windows RDP service worms level vulnerability alerts-a vulnerability alert-the black bar safety net

2019-05-15 00:00:00

Worms level vulnerability BlueKeep(CVE-2019-0708) EXP is released-vulnerability warning-the black bar safety net

2019-09-07 00:00:00

talosblog

The latest on BlueKeep and DejaBlue vulnerabilities — Using Firepower to defend against encrypted DejaBlue

2019-11-04 07:43:36

Threat Roundup for December 13 to December 20

2019-12-20 10:07:43

Threat Roundup for September 27 to October 4

2019-10-04 08:37:35

cisa

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities

2019-08-14 00:00:00

NSA Releases Advisory on BlueKeep Vulnerability

2019-06-04 00:00:00

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability

2019-05-16 00:00:00

msrc

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

2019-08-13 07:00:00

Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)

2019-08-13 17:07:13

A Reminder to Update Your Systems to Prevent a Worm

2019-05-31 07:00:00

krebs

Patch Tuesday, August 2019 Edition

2019-08-13 21:57:13

kaspersky

KLA11697 RCE vulnerabilities in Microsoft Apps

2019-08-13 00:00:00

attackerkb

Insecure RDP

2020-10-09 00:00:00

DejaBlue, RDP Heap Overflow

2019-08-14 00:00:00

CVE-2019-0708

2019-05-16 00:00:00

prion

Remote code execution

2019-08-14 21:15:00

Remote code execution

2019-08-14 21:15:00

Remote code execution

2019-08-14 21:15:00

cve

CVE-2019-1182

2019-08-14 21:15:00

CVE-2019-1181

2019-08-14 21:15:00

CVE-2019-1226

2019-08-14 21:15:00

thn

4 New BlueKeep-like 'Wormable' Windows Remote Desktop Flaws Discovered

2019-08-13 18:22:00

First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild

2019-11-03 11:02:00

Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw

2019-05-28 12:08:00

openvas

Huawei Data Communication: Four Remote Code Execution Vulnerability in Some Microsoft Windows Systems (huawei-sa-20190819-01-windows)

2020-06-05 00:00:00

Microsoft Windows Remote Desktop Service Remote Code Execution Vulnerability (KB4500331)

2019-05-17 00:00:00

Huawei Data Communication: Remote Code Execution Vulnerability in Some Microsoft Windows Systems (huawei-sa-20190529-01-windows)

2020-06-05 00:00:00

huawei

Security Advisory - Four Remote Code Execution Vulnerabilities in Some Microsoft Windows Systems

2019-08-19 00:00:00

Security Advisory - Remote Code Execution Vulnerability in Some Microsoft Windows Systems

2019-05-29 00:00:00

symantec

Microsoft Windows Remote Desktop Services CVE-2019-1181 Remote Code Execution Vulnerability

2019-08-13 00:00:00

Microsoft Windows Remote Desktop Services CVE-2019-0708 Remote Code Execution Vulnerability

2019-05-14 00:00:00

githubexploit

Exploit for Use After Free in Microsoft

2019-05-30 13:50:32

Exploit for Use After Free in Microsoft

2019-07-18 08:41:01

Exploit for Use After Free in Microsoft

2019-10-10 00:34:41

threatpost

One Million Devices Open to Wormable Microsoft BlueKeep Flaw

2019-05-28 14:39:54

How to Get a Handle on Patch Management

2019-09-03 18:17:11

Working BlueKeep Exploit Developed by DHS

2019-06-18 13:58:29

nessus

Microsoft Security Advisory 4500331: Guidance for older platforms (XP / 2003) (BlueKeep)

2019-05-14 00:00:00

Microsoft RDP RCE (CVE-2019-0708) (BlueKeep) (uncredentialed check)

2019-05-22 00:00:00

ics

Spacelabs Xhibit Telemetry Receiver (XTR)

2020-02-18 12:00:00

Microsoft Operating Systems BlueKeep Vulnerability

2019-06-17 12:00:00

packetstorm

Microsoft Windows RDP BlueKeep Denial Of Service

2019-07-15 00:00:00

Microsoft RDP Remote Code Execution

2021-06-03 00:00:00

Microsoft Windows Remote Desktop BlueKeep Denial Of Service

2019-05-30 00:00:00

metasploit

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

2019-09-19 11:05:08

CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE Check

2019-06-03 21:54:33

kitploit

Pentest Tools Framework - A Database Of Exploits, Scanners And Tools For Penetration Testing

2020-03-12 11:30:00

Ispy - Eternalblue (MS17-010) / Bluekeep (CVE-2019-0708) Scanner And Exploit

2019-10-09 21:00:00

Rdpscan - A Quick Scanner For The CVE-2019-0708 "BlueKeep" Vulnerability

2019-06-19 12:32:00

mssecure

Microsoft works with researchers to detect and protect against new RDP exploits

2019-11-07 21:05:30

Best practices for defending Azure Virtual Machines

2020-10-07 16:00:20

Protect against BlueKeep

2019-08-08 16:00:57

mscve

Remote Desktop Services Remote Code Execution Vulnerability

2019-08-13 07:00:00

Remote Desktop Services Remote Code Execution Vulnerability

2019-05-14 07:00:00

Remote Desktop Services Remote Code Execution Vulnerability

2019-08-13 07:00:00

checkpoint_advisories

Microsoft Remote Desktop Services Remote Code Execution (CVE-2019-0708)

2019-05-19 00:00:00

Microsoft Remote Desktop Services Remote Code Execution (CVE-2019-1182)

2019-11-25 00:00:00

qualysblog

Windows RDP Remote Code Execution Vulnerability (BlueKeep) – How to Detect and Patch

2019-05-16 02:17:00

BlueKeep Attacks Observed Months after Initial Release

2019-11-04 21:50:34

Blue is a color we love but can’t Keep!

2019-12-20 16:00:59

carbonblack

Wild Blue Yonder: VMware Carbon Black ThreatSight Dissects BlueKeep Windows Exploit

2019-11-11 16:08:43

trellix

Understanding the Wormable RDP Vulnerability CVE-2019-0708

2019-05-21 00:00:00

Understanding the Wormable RDP Vulnerability CVE-2019-0708

2019-05-21 00:00:00

cisa_kev

Microsoft Remote Desktop Services Remote Code Execution Vulnerability

2021-11-03 00:00:00

exploitdb

Microsoft Windows 7/2003/2008 RDP - Remote Code Execution

2019-05-22 00:00:00

canvas

Immunity Canvas: BLUEKEEP

2019-05-16 19:29:00

zdt

Microsoft RDP Remote Code Execution Exploit

2021-06-03 00:00:00

Microsoft Windows - BlueKeep RDP Remote Windows Kernel Use After Free Exploit

2019-09-24 00:00:00

Microsoft Windows 7 (x86) - (BlueKeep) RDP Remote Windows Kernel Use After Free Exploit

2019-11-19 00:00:00

rapid7blog

NICER Protocol Deep Dive: Internet Exposure of Remote Desktop (RDP)

2020-10-23 17:26:31

exploitpack

Microsoft Windows Remote Desktop - BlueKeep Denial of Service (Metasploit)

2019-07-15 00:00:00

K25238311 : Microsoft Remote Desktop Services Remote Code Execution vulnerability CVE-2019-0708

2019-05-16 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

Related for MSRC:FED202907D80016917D037495F9A0820