CVE-2019-0708: Microsoft Remote Desktop Services Remote Code Execution Vulnerability
First published: Thu May 16 2019(Updated: )
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | =r2-sp2 | |
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Server | =r2-sp1 | |
| Microsoft Windows Vista | =sp2 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows XP | =sp3 | |
| Microsoft Remote Desktop | ||
| Microsoft Windows Server | =r2-sp1 | |
| All of | ||
| Siemens Axiom Multix M Firmware | ||
| Siemens Axiom Multix M Firmware | ||
| All of | ||
| Siemens Axiom Vertix MD Trauma | ||
| Siemens Axiom Vertix MD Trauma | ||
| All of | ||
| Siemens Vertix Solitaire | ||
| Siemens Axiom Vertix Solitaire M Firmware | ||
| All of | ||
| Siemens Mobilett XP Digital | ||
| Siemens Mobilett XP Digital | ||
| All of | ||
| Siemens Multix Pro Firmware | ||
| Siemens Multix Pro ACSS | ||
| All of | ||
| Siemens Multix Pro Firmware | ||
| Siemens Multix Pro P Firmware | ||
| All of | ||
| Siemens Multix Pro P Firmware | ||
| Siemens Multix Pro P Firmware | ||
| All of | ||
| Siemens Multix Pro Firmware | ||
| Siemens Multix Pro Firmware | ||
| All of | ||
| Siemens Multix Pro Navy | ||
| Siemens Multix Pro Navy Firmware | ||
| All of | ||
| Siemens Multix Swing Firmware | ||
| Siemens Multix Swing | ||
| All of | ||
| Siemens Multix Top Firmware | ||
| Siemens Multix Top | ||
| All of | ||
| Siemens Multix Top ACSS Firmware | ||
| Siemens Multix Top ACSS | ||
| All of | ||
| Siemens Multix Top ACSS P Firmware | ||
| Siemens Multix Top P Firmware | ||
| All of | ||
| Siemens Multix Top | ||
| Siemens Multix Top ACSS P Firmware | ||
| All of | ||
| Siemens Vertix Solitaire | ||
| Siemens Vertix Solitaire | ||
| All of | ||
| Siemens Atellica Solution | ||
| Siemens Atellica Solution | ||
| All of | ||
| Siemens Aptio | ||
| Siemens Aptio Firmware | ||
| All of | ||
| Siemens Streamlab | ||
| Siemens StreamLab Firmware | ||
| All of | ||
| Siemens Centralink | ||
| Siemens Centralink Firmware | ||
| All of | ||
| Siemens VIVA | ||
| Siemens VIVA | ||
| All of | ||
| Siemens Viva Twin Firmware | ||
| Siemens Viva Twin Firmware | ||
| Siemens Syngo Lab Process Manager | ||
| All of | ||
| Siemens RapidPoint 500 Firmware | <=2.3.2 | |
| Siemens RapidPoint 500 Firmware | ||
| All of | ||
| Siemens LANTIS | ||
| Siemens LANTIS | ||
| All of | ||
| Any of | ||
| Huawei Agile Controller-Campus Firmware | =v100r002c00 | |
| Huawei Agile Controller-Campus Firmware | =v100r002c10 | |
| Huawei Agile Controller-Campus Firmware | ||
| All of | ||
| Huawei Tecal Bh620 V2 Firmware | =v100r002c00 | |
| Huawei Bh620 V2 Firmware | ||
| All of | ||
| Huawei Tecal Bh621 V2 Firmware | =v100r002c00 | |
| Huawei Tecal Bh621 V2 | ||
| All of | ||
| Huawei Tecal Bh622 V2 Firmware | =v100r001c00 | |
| Huawei Tecal Bh622 V2 | ||
| All of | ||
| Huawei BH640 V2 Firmware | =v100r002c00 | |
| Huawei Tecal Bh640 V2 | ||
| All of | ||
| Huawei Tecal Ch121 Firmware | =v100r001c00 | |
| Huawei Tecal Ch121 | ||
| All of | ||
| Huawei CH140 | =v100r001c00 | |
| Huawei CH140 Firmware | ||
| All of | ||
| Huawei Tecal CH220 Firmware | =v100r001c00 | |
| Huawei Tecal CH220 | ||
| All of | ||
| Huawei Tecal Ch221 Firmware | =v100r001c00 | |
| Huawei Tecal Ch221 | ||
| All of | ||
| Huawei Tecal Ch222 Firmware | =v100r002c00 | |
| Huawei Tecal Ch222 | ||
| All of | ||
| Huawei Tecal Ch240 Firmware | =v100r001c00 | |
| Huawei CH240 Firmware | ||
| All of | ||
| Huawei Tecal Ch242 Firmware | =v100r001c00 | |
| Huawei Tecal Ch242 | ||
| All of | ||
| Huawei Tecal Ch242 V3 Firmware | =v100r001c00 | |
| Huawei Tecal Ch242 V3 Firmware | ||
| All of | ||
| Huawei E6000 Chassis Firmware | =v100r002c00 | |
| Huawei E6000 Chassis Firmware | ||
| All of | ||
| Huawei E6000 Chassis Firmware | =v100r001c00 | |
| Huawei E6000 | ||
| All of | ||
| Any of | ||
| Huawei GTSoftX3000 | =v200r001c01spc100 | |
| Huawei GTSoftX3000 | =v200r002c00spc300 | |
| Huawei GTSoftX3000 | =v200r002c10spc100 | |
| Huawei GTSoftX3000 Firmware | ||
| All of | ||
| Huawei OceanStor 18500 Firmware | =v100r001c30spc300 | |
| Huawei OceanStor 18500 V3 | ||
| All of | ||
| Huawei OceanStor 18800 V3 | =v100r001c30spc300 | |
| Huawei OceanStor 18800 V3 | ||
| All of | ||
| Huawei OceanStor 18800 Firmware | =v100r001c30spc300 | |
| Huawei OceanStor 18800F Firmware | ||
| All of | ||
| Any of | ||
| Huawei OceanStor HVS85T Firmware | =v100r001c00 | |
| Huawei OceanStor HVS85T Firmware | =v100r001c30spc200 | |
| Huawei OceanStor HVS85T Firmware | ||
| All of | ||
| Any of | ||
| Huawei OceanStor HVS88T Firmware | =v100r001c00 | |
| Huawei OceanStor HVS88T Firmware | =v100r001c30spc200 | |
| Huawei OceanStor HVS88T Firmware | ||
| All of | ||
| Huawei Tecal Rh1288 V2 Firmware | =v100r002c00 | |
| Huawei Tecal RH1288 V2 | ||
| All of | ||
| Huawei RH1288A V2 Firmware | =v100r002c00 | |
| Huawei FusionServer RH1288A V2 | ||
| All of | ||
| Huawei Tecal Rh2265 V2 Firmware | =v100r002c00 | |
| Huawei Tecal Rh2265 V2 | ||
| All of | ||
| Huawei Tecal Rh2268 V2 Firmware | =v100r002c00 | |
| Huawei Tecal RH2268 V2 | ||
| All of | ||
| Huawei Tecal Rh2285 V2 Firmware | =v100r002c00 | |
| Huawei Tecal Rh2285 V2 | ||
| All of | ||
| Huawei Tecal RH2285H V2 Firmware | =v100r002c00 | |
| Huawei Tecal RH2285H V2 | ||
| All of | ||
| Huawei RH2288E V2 Firmware | =v100r002c00 | |
| Huawei Tecal RH2288 V2 | ||
| All of | ||
| Huawei RH1288A V2 Firmware | =v100r002c00 | |
| Huawei RH1288A V2 Firmware | ||
| All of | ||
| Huawei RH2288E V2 | =v100r002c00 | |
| Huawei RH2288E V2 Firmware | ||
| All of | ||
| Huawei RH2288 V2 Firmware | =v100r002c00 | |
| Huawei Tecal Rh2288h V2 | ||
| All of | ||
| Huawei Tecal Rh2485 V2 Firmware | =v100r002c00 | |
| Huawei Tecal Rh2485 V2 | ||
| All of | ||
| Huawei Tecal Rh5885 V2 Firmware | =v100r001c00 | |
| Huawei Tecal RH5885 V2 | ||
| All of | ||
| Huawei Tecal Rh5885 V3 Firmware | =v100r003c00 | |
| Huawei Tecal Rh5885h V3 | ||
| All of | ||
| Any of | ||
| Huawei SMC 2.0 | =v500r002c00 | |
| Huawei SMC 2.0 | =v600r006c00 | |
| Huawei SMC2.0 firmware | ||
| All of | ||
| Huawei SECO VSM | =v200r002c00 | |
| Huawei SECO VSM Firmware | ||
| All of | ||
| Any of | ||
| Huawei UMA | =v200r001c00 | |
| Huawei UMA | =v300r001c00 | |
| Huawei UMA Firmware | ||
| All of | ||
| Huawei X6000 | =v100r002c00 | |
| Huawei X6000 Firmware | ||
| All of | ||
| Huawei X8000 | =v100r002c20 | |
| Huawei X8000 Firmware | ||
| All of | ||
| Huawei ELog | =v200r003c10 | |
| Huawei ELog | ||
| All of | ||
| Huawei eSpace ECS | =v300r001c00 | |
| Huawei eSpace ECS Firmware | ||
| =sp1 | ||
| =sp2 | ||
| =r2-sp1 | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| All of | ||
| <=2.3.2 | ||
| All of | ||
| All of | ||
| Any of | ||
| =v100r002c00 | ||
| =v100r002c10 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| Any of | ||
| =v200r001c01spc100 | ||
| =v200r002c00spc300 | ||
| =v200r002c10spc100 | ||
| All of | ||
| =v100r001c30spc300 | ||
| All of | ||
| =v100r001c30spc300 | ||
| All of | ||
| =v100r001c30spc300 | ||
| All of | ||
| Any of | ||
| =v100r001c00 | ||
| =v100r001c30spc200 | ||
| All of | ||
| Any of | ||
| =v100r001c00 | ||
| =v100r001c30spc200 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r001c00 | ||
| All of | ||
| =v100r003c00 | ||
| All of | ||
| Any of | ||
| =v500r002c00 | ||
| =v600r006c00 | ||
| All of | ||
| =v200r002c00 | ||
| All of | ||
| Any of | ||
| =v200r001c00 | ||
| =v300r001c00 | ||
| All of | ||
| =v100r002c00 | ||
| All of | ||
| =v100r002c20 | ||
| All of | ||
| =v200r003c10 | ||
| All of | ||
| =v300r001c00 | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html
- http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html
- http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html
- http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html
- http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en
- http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en
- https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
- https://nvd.nist.gov/vuln/detail/CVE-2019-0708
Frequently Asked Questions
What is the severity of CVE-2019-0708?
The severity of CVE-2019-0708 is critical with a rating of 9.8.
How does CVE-2019-0708 impact Microsoft Remote Desktop Services?
CVE-2019-0708 allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests, resulting in remote code execution.
Which software is affected by CVE-2019-0708?
The affected software includes Microsoft Remote Desktop Services, as well as Microsoft Windows 7, Windows Server 2003, Windows Server 2008, Windows Vista, and Windows XP.
Is there a fix available for CVE-2019-0708?
Yes, Microsoft has released security updates to address the vulnerability. It is recommended to install the latest updates to mitigate the risk.
Are there any known exploits or proof-of-concept for CVE-2019-0708?
Yes, there are known exploits and proof-of-concept code available for CVE-2019-0708, highlighting the importance of applying the necessary security patches.
- agent/type
- agent/description
- agent/title
- agent/weakness
- agent/remedy
- agent/severity
- agent/author
- agent/first-publish-date
- agent/references
- agent/source
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- collector/nvd-api
- vendor/microsoft
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- version/microsoft windows server/r2-sp2
- version/microsoft windows server/r2-sp1
- canonical/microsoft windows vista
- version/microsoft windows vista/sp2
- canonical/microsoft windows xp
- version/microsoft windows xp/sp2
- version/microsoft windows xp/sp3
- canonical/microsoft remote desktop
- vendor/siemens
- canonical/siemens axiom multix m firmware
- canonical/siemens axiom vertix md trauma
- canonical/siemens vertix solitaire
- canonical/siemens axiom vertix solitaire m firmware
- canonical/siemens mobilett xp digital
- canonical/siemens multix pro firmware
- canonical/siemens multix pro acss
- canonical/siemens multix pro p firmware
- canonical/siemens multix pro navy
- canonical/siemens multix pro navy firmware
- canonical/siemens multix swing firmware
- canonical/siemens multix swing
- canonical/siemens multix top firmware
- canonical/siemens multix top
- canonical/siemens multix top acss firmware
- canonical/siemens multix top acss
- canonical/siemens multix top acss p firmware
- canonical/siemens multix top p firmware
- canonical/siemens atellica solution
- canonical/siemens aptio
- canonical/siemens aptio firmware
- canonical/siemens streamlab
- canonical/siemens streamlab firmware
- canonical/siemens centralink
- canonical/siemens centralink firmware
- canonical/siemens viva
- canonical/siemens viva twin firmware
- canonical/siemens syngo lab process manager
- canonical/siemens rapidpoint 500 firmware
- version/siemens rapidpoint 500 firmware/2.3.2
- canonical/siemens lantis
- vendor/huawei
- canonical/huawei agile controller-campus firmware
- version/huawei agile controller-campus firmware/v100r002c00
- version/huawei agile controller-campus firmware/v100r002c10
- canonical/huawei tecal bh620 v2 firmware
- version/huawei tecal bh620 v2 firmware/v100r002c00
- canonical/huawei bh620 v2 firmware
- canonical/huawei tecal bh621 v2 firmware
- version/huawei tecal bh621 v2 firmware/v100r002c00
- canonical/huawei tecal bh621 v2
- canonical/huawei tecal bh622 v2 firmware
- version/huawei tecal bh622 v2 firmware/v100r001c00
- canonical/huawei tecal bh622 v2
- canonical/huawei bh640 v2 firmware
- version/huawei bh640 v2 firmware/v100r002c00
- canonical/huawei tecal bh640 v2
- canonical/huawei tecal ch121 firmware
- version/huawei tecal ch121 firmware/v100r001c00
- canonical/huawei tecal ch121
- canonical/huawei ch140
- version/huawei ch140/v100r001c00
- canonical/huawei ch140 firmware
- canonical/huawei tecal ch220 firmware
- version/huawei tecal ch220 firmware/v100r001c00
- canonical/huawei tecal ch220
- canonical/huawei tecal ch221 firmware
- version/huawei tecal ch221 firmware/v100r001c00
- canonical/huawei tecal ch221
- canonical/huawei tecal ch222 firmware
- version/huawei tecal ch222 firmware/v100r002c00
- canonical/huawei tecal ch222
- canonical/huawei tecal ch240 firmware
- version/huawei tecal ch240 firmware/v100r001c00
- canonical/huawei ch240 firmware
- canonical/huawei tecal ch242 firmware
- version/huawei tecal ch242 firmware/v100r001c00
- canonical/huawei tecal ch242
- canonical/huawei tecal ch242 v3 firmware
- version/huawei tecal ch242 v3 firmware/v100r001c00
- canonical/huawei e6000 chassis firmware
- version/huawei e6000 chassis firmware/v100r002c00
- version/huawei e6000 chassis firmware/v100r001c00
- canonical/huawei e6000
- canonical/huawei gtsoftx3000
- version/huawei gtsoftx3000/v200r001c01spc100
- version/huawei gtsoftx3000/v200r002c00spc300
- version/huawei gtsoftx3000/v200r002c10spc100
- canonical/huawei gtsoftx3000 firmware
- canonical/huawei oceanstor 18500 firmware
- version/huawei oceanstor 18500 firmware/v100r001c30spc300
- canonical/huawei oceanstor 18500 v3
- canonical/huawei oceanstor 18800 v3
- version/huawei oceanstor 18800 v3/v100r001c30spc300
- canonical/huawei oceanstor 18800 firmware
- version/huawei oceanstor 18800 firmware/v100r001c30spc300
- canonical/huawei oceanstor 18800f firmware
- canonical/huawei oceanstor hvs85t firmware
- version/huawei oceanstor hvs85t firmware/v100r001c00
- version/huawei oceanstor hvs85t firmware/v100r001c30spc200
- canonical/huawei oceanstor hvs88t firmware
- version/huawei oceanstor hvs88t firmware/v100r001c00
- version/huawei oceanstor hvs88t firmware/v100r001c30spc200
- canonical/huawei tecal rh1288 v2 firmware
- version/huawei tecal rh1288 v2 firmware/v100r002c00
- canonical/huawei tecal rh1288 v2
- canonical/huawei rh1288a v2 firmware
- version/huawei rh1288a v2 firmware/v100r002c00
- canonical/huawei fusionserver rh1288a v2
- canonical/huawei tecal rh2265 v2 firmware
- version/huawei tecal rh2265 v2 firmware/v100r002c00
- canonical/huawei tecal rh2265 v2
- canonical/huawei tecal rh2268 v2 firmware
- version/huawei tecal rh2268 v2 firmware/v100r002c00
- canonical/huawei tecal rh2268 v2
- canonical/huawei tecal rh2285 v2 firmware
- version/huawei tecal rh2285 v2 firmware/v100r002c00
- canonical/huawei tecal rh2285 v2
- canonical/huawei tecal rh2285h v2 firmware
- version/huawei tecal rh2285h v2 firmware/v100r002c00
- canonical/huawei tecal rh2285h v2
- canonical/huawei rh2288e v2 firmware
- version/huawei rh2288e v2 firmware/v100r002c00
- canonical/huawei tecal rh2288 v2
- canonical/huawei rh2288e v2
- version/huawei rh2288e v2/v100r002c00
- canonical/huawei rh2288 v2 firmware
- version/huawei rh2288 v2 firmware/v100r002c00
- canonical/huawei tecal rh2288h v2
- canonical/huawei tecal rh2485 v2 firmware
- version/huawei tecal rh2485 v2 firmware/v100r002c00
- canonical/huawei tecal rh2485 v2
- canonical/huawei tecal rh5885 v2 firmware
- version/huawei tecal rh5885 v2 firmware/v100r001c00
- canonical/huawei tecal rh5885 v2
- canonical/huawei tecal rh5885 v3 firmware
- version/huawei tecal rh5885 v3 firmware/v100r003c00
- canonical/huawei tecal rh5885h v3
- canonical/huawei smc 2.0
- version/huawei smc 2.0/v500r002c00
- version/huawei smc 2.0/v600r006c00
- canonical/huawei smc2.0 firmware
- canonical/huawei seco vsm
- version/huawei seco vsm/v200r002c00
- canonical/huawei seco vsm firmware
- canonical/huawei uma
- version/huawei uma/v200r001c00
- version/huawei uma/v300r001c00
- canonical/huawei uma firmware
- canonical/huawei x6000
- version/huawei x6000/v100r002c00
- canonical/huawei x6000 firmware
- canonical/huawei x8000
- version/huawei x8000/v100r002c20
- canonical/huawei x8000 firmware
- canonical/huawei elog
- version/huawei elog/v200r003c10
- canonical/huawei espace ecs
- version/huawei espace ecs/v300r001c00
- canonical/huawei espace ecs firmware