CVE-2019-0708: Microsoft Remote Desktop Services Remote Code Execution Vulnerability
First published: Thu May 16 2019(Updated: )
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Remote Desktop Services | ||
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows Server 2003 | =sp2 | |
| Microsoft Windows Server 2003 | =sp2 | |
| Microsoft Windows Server 2003 | =r2-sp2 | |
| Microsoft Windows Server 2008 | =sp2 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Vista | =sp2 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows XP | =sp3 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| All of | ||
| Siemens Axiom Multix M Firmware | ||
| Siemens Axiom Multix M | ||
| All of | ||
| Siemens Axiom Vertix Md Trauma Firmware | ||
| Siemens Axiom Vertix Md Trauma | ||
| All of | ||
| Siemens Axiom Vertix Solitaire M Firmware | ||
| Siemens Axiom Vertix Solitaire M | ||
| All of | ||
| Siemens Mobilett Xp Digital Firmware | ||
| Siemens Mobilett Xp Digital | ||
| All of | ||
| Siemens Multix Pro Acss P Firmware | ||
| Siemens Multix Pro Acss P | ||
| All of | ||
| Siemens Multix Pro P Firmware | ||
| Siemens Multix Pro P | ||
| All of | ||
| Siemens Multix Pro Firmware | ||
| Siemens Multix Pro | ||
| All of | ||
| Siemens Multix Pro Acss Firmware | ||
| Siemens Multix Pro Acss | ||
| All of | ||
| Siemens Multix Pro Navy Firmware | ||
| Siemens Multix Pro Navy | ||
| All of | ||
| Siemens Multix Swing Firmware | ||
| Siemens Multix Swing | ||
| All of | ||
| Siemens Multix Top Firmware | ||
| Siemens Multix Top | ||
| All of | ||
| Siemens Multix Top Acss Firmware | ||
| Siemens Multix Top Acss | ||
| All of | ||
| Siemens Multix Top P Firmware | ||
| Siemens Multix Top P | ||
| All of | ||
| Siemens Multix Top Acss P Firmware | ||
| Siemens Multix Top Acss P | ||
| All of | ||
| Siemens Vertix Solitaire Firmware | ||
| Siemens Vertix Solitaire | ||
| All of | ||
| Siemens Atellica Solution Firmware | ||
| Siemens Atellica Solution | ||
| All of | ||
| Siemens Aptio Firmware | ||
| Siemens Aptio | ||
| All of | ||
| Siemens Streamlab Firmware | ||
| Siemens Streamlab | ||
| All of | ||
| Siemens Centralink Firmware | ||
| Siemens Centralink | ||
| All of | ||
| Siemens Viva E Firmware | ||
| Siemens Viva E | ||
| All of | ||
| Siemens Viva Twin Firmware | ||
| Siemens Viva Twin | ||
| Siemens Syngo Lab Process Manager | ||
| All of | ||
| Siemens Rapidpoint 500 Firmware | <=2.3.2 | |
| Siemens Rapidpoint 500 | ||
| All of | ||
| Siemens Lantis Firmware | ||
| Siemens Lantis | ||
| All of | ||
| Any of | ||
| Huawei Agile Controller-campus Firmware | =v100r002c00 | |
| Huawei Agile Controller-campus Firmware | =v100r002c10 | |
| Huawei Agile Controller-Campus | ||
| All of | ||
| Huawei Bh620 V2 Firmware | =v100r002c00 | |
| Huawei Bh620 V2 | ||
| All of | ||
| Huawei Bh621 V2 Firmware | =v100r002c00 | |
| Huawei Bh621 V2 | ||
| All of | ||
| Huawei Bh622 V2 Firmware | =v100r001c00 | |
| Huawei Bh622 V2 | ||
| All of | ||
| Huawei Bh640 V2 Firmware | =v100r002c00 | |
| Huawei Bh640 V2 | ||
| All of | ||
| Huawei Ch121 Firmware | =v100r001c00 | |
| Huawei Ch121 | ||
| All of | ||
| Huawei Ch140 Firmware | =v100r001c00 | |
| Huawei Ch140 | ||
| All of | ||
| Huawei Ch220 Firmware | =v100r001c00 | |
| Huawei Ch220 | ||
| All of | ||
| Huawei Ch221 Firmware | =v100r001c00 | |
| Huawei Ch221 | ||
| All of | ||
| Huawei Ch222 Firmware | =v100r002c00 | |
| Huawei Ch222 | ||
| All of | ||
| Huawei Ch240 Firmware | =v100r001c00 | |
| Huawei Ch240 | ||
| All of | ||
| Huawei Ch242 Firmware | =v100r001c00 | |
| Huawei Ch242 | ||
| All of | ||
| Huawei Ch242 V3 Firmware | =v100r001c00 | |
| Huawei Ch242 V3 | ||
| All of | ||
| Huawei E6000 Firmware | =v100r002c00 | |
| Huawei E6000 | ||
| All of | ||
| Huawei E6000 Chassis Firmware | =v100r001c00 | |
| Huawei E6000 Chassis | ||
| All of | ||
| Any of | ||
| Huawei Gtsoftx3000 Firmware | =v200r001c01spc100 | |
| Huawei Gtsoftx3000 Firmware | =v200r002c00spc300 | |
| Huawei Gtsoftx3000 Firmware | =v200r002c10spc100 | |
| Huawei Gtsoftx3000 | ||
| All of | ||
| Huawei Oceanstor 18500 Firmware | =v100r001c30spc300 | |
| Huawei Oceanstor 18500 | ||
| All of | ||
| Huawei Oceanstor 18800 Firmware | =v100r001c30spc300 | |
| Huawei Oceanstor 18800 | ||
| All of | ||
| Huawei Oceanstor 18800f Firmware | =v100r001c30spc300 | |
| Huawei Oceanstor 18800f | ||
| All of | ||
| Any of | ||
| Huawei Oceanstor Hvs85t Firmware | =v100r001c00 | |
| Huawei Oceanstor Hvs85t Firmware | =v100r001c30spc200 | |
| Huawei Oceanstor Hvs85t | ||
| All of | ||
| Any of | ||
| Huawei Oceanstor Hvs88t Firmware | =v100r001c00 | |
| Huawei Oceanstor Hvs88t Firmware | =v100r001c30spc200 | |
| Huawei Oceanstor Hvs88t | ||
| All of | ||
| Huawei Rh1288 V2 Firmware | =v100r002c00 | |
| Huawei Rh1288 V2 | ||
| All of | ||
| Huawei Rh1288a V2 Firmware | =v100r002c00 | |
| Huawei Rh1288a V2 | ||
| All of | ||
| Huawei Rh2265 V2 Firmware | =v100r002c00 | |
| Huawei Rh2265 V2 | ||
| All of | ||
| Huawei Rh2268 V2 Firmware | =v100r002c00 | |
| Huawei Rh2268 V2 | ||
| All of | ||
| Huawei Rh2285 V2 Firmware | =v100r002c00 | |
| Huawei Rh2285 V2 | ||
| All of | ||
| Huawei Rh2285h V2 Firmware | =v100r002c00 | |
| Huawei Rh2285h V2 | ||
| All of | ||
| Huawei Rh2288 V2 Firmware | =v100r002c00 | |
| Huawei Rh2288 V2 | ||
| All of | ||
| Huawei Rh2288a V2 Firmware | =v100r002c00 | |
| Huawei Rh2288a V2 | ||
| All of | ||
| Huawei Rh2288e V2 Firmware | =v100r002c00 | |
| Huawei Rh2288e V2 | ||
| All of | ||
| Huawei Rh2288h V2 Firmware | =v100r002c00 | |
| Huawei Rh2288h V2 | ||
| All of | ||
| Huawei Rh2485 V2 Firmware | =v100r002c00 | |
| Huawei Rh2485 V2 | ||
| All of | ||
| Huawei Rh5885 V2 Firmware | =v100r001c00 | |
| Huawei Rh5885 V2 | ||
| All of | ||
| Huawei Rh5885 V3 Firmware | =v100r003c00 | |
| Huawei Rh5885 V3 | ||
| All of | ||
| Any of | ||
| Huawei Smc2.0 Firmware | =v500r002c00 | |
| Huawei Smc2.0 Firmware | =v600r006c00 | |
| Huawei SMC2.0 | ||
| All of | ||
| Huawei Seco Vsm Firmware | =v200r002c00 | |
| Huawei Seco Vsm | ||
| All of | ||
| Any of | ||
| Huawei Uma Firmware | =v200r001c00 | |
| Huawei Uma Firmware | =v300r001c00 | |
| Huawei UMA | ||
| All of | ||
| Huawei X6000 Firmware | =v100r002c00 | |
| Huawei X6000 | ||
| All of | ||
| Huawei X8000 Firmware | =v100r002c20 | |
| Huawei X8000 | ||
| All of | ||
| Huawei Elog Firmware | =v200r003c10 | |
| Huawei Elog | ||
| All of | ||
| Huawei Espace Ecs Firmware | =v300r001c00 | |
| Huawei Espace Ecs |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html
- http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html
- http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html
- http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html
- http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en
- http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en
- https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
- https://nvd.nist.gov/vuln/detail/CVE-2019-0708
Frequently Asked Questions
What is the severity of CVE-2019-0708?
The severity of CVE-2019-0708 is critical with a rating of 9.8.
How does CVE-2019-0708 impact Microsoft Remote Desktop Services?
CVE-2019-0708 allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests, resulting in remote code execution.
Which software is affected by CVE-2019-0708?
The affected software includes Microsoft Remote Desktop Services, as well as Microsoft Windows 7, Windows Server 2003, Windows Server 2008, Windows Vista, and Windows XP.
Is there a fix available for CVE-2019-0708?
Yes, Microsoft has released security updates to address the vulnerability. It is recommended to install the latest updates to mitigate the risk.
Are there any known exploits or proof-of-concept for CVE-2019-0708?
Yes, there are known exploits and proof-of-concept code available for CVE-2019-0708, highlighting the importance of applying the necessary security patches.
- agent/type
- agent/description
- agent/title
- agent/weakness
- agent/remedy
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/author
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/tags
- collector/nvd-cve
- vendor/microsoft
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows server 2003
- version/microsoft windows server 2003/sp2
- version/microsoft windows server 2003/r2-sp2
- canonical/microsoft windows server 2008
- version/microsoft windows server 2008/sp2
- version/microsoft windows server 2008/r2-sp1
- canonical/microsoft windows vista
- version/microsoft windows vista/sp2
- canonical/microsoft windows xp
- version/microsoft windows xp/sp2
- version/microsoft windows xp/sp3
- vendor/siemens
- canonical/siemens axiom multix m firmware
- canonical/siemens axiom multix m
- canonical/siemens axiom vertix md trauma firmware
- canonical/siemens axiom vertix md trauma
- canonical/siemens axiom vertix solitaire m firmware
- canonical/siemens axiom vertix solitaire m
- canonical/siemens mobilett xp digital firmware
- canonical/siemens mobilett xp digital
- canonical/siemens multix pro acss p firmware
- canonical/siemens multix pro acss p
- canonical/siemens multix pro p firmware
- canonical/siemens multix pro p
- canonical/siemens multix pro firmware
- canonical/siemens multix pro
- canonical/siemens multix pro acss firmware
- canonical/siemens multix pro acss
- canonical/siemens multix pro navy firmware
- canonical/siemens multix pro navy
- canonical/siemens multix swing firmware
- canonical/siemens multix swing
- canonical/siemens multix top firmware
- canonical/siemens multix top
- canonical/siemens multix top acss firmware
- canonical/siemens multix top acss
- canonical/siemens multix top p firmware
- canonical/siemens multix top p
- canonical/siemens multix top acss p firmware
- canonical/siemens multix top acss p
- canonical/siemens vertix solitaire firmware
- canonical/siemens vertix solitaire
- canonical/siemens atellica solution firmware
- canonical/siemens atellica solution
- canonical/siemens aptio firmware
- canonical/siemens aptio
- canonical/siemens streamlab firmware
- canonical/siemens streamlab
- canonical/siemens centralink firmware
- canonical/siemens centralink
- canonical/siemens viva e firmware
- canonical/siemens viva e
- canonical/siemens viva twin firmware
- canonical/siemens viva twin
- canonical/siemens syngo lab process manager
- canonical/siemens rapidpoint 500 firmware
- version/siemens rapidpoint 500 firmware/2.3.2
- canonical/siemens rapidpoint 500
- canonical/siemens lantis firmware
- canonical/siemens lantis
- vendor/huawei
- canonical/huawei agile controller-campus firmware
- version/huawei agile controller-campus firmware/v100r002c00
- version/huawei agile controller-campus firmware/v100r002c10
- canonical/huawei agile controller-campus
- canonical/huawei bh620 v2 firmware
- version/huawei bh620 v2 firmware/v100r002c00
- canonical/huawei bh620 v2
- canonical/huawei bh621 v2 firmware
- version/huawei bh621 v2 firmware/v100r002c00
- canonical/huawei bh621 v2
- canonical/huawei bh622 v2 firmware
- version/huawei bh622 v2 firmware/v100r001c00
- canonical/huawei bh622 v2
- canonical/huawei bh640 v2 firmware
- version/huawei bh640 v2 firmware/v100r002c00
- canonical/huawei bh640 v2
- canonical/huawei ch121 firmware
- version/huawei ch121 firmware/v100r001c00
- canonical/huawei ch121
- canonical/huawei ch140 firmware
- version/huawei ch140 firmware/v100r001c00
- canonical/huawei ch140
- canonical/huawei ch220 firmware
- version/huawei ch220 firmware/v100r001c00
- canonical/huawei ch220
- canonical/huawei ch221 firmware
- version/huawei ch221 firmware/v100r001c00
- canonical/huawei ch221
- canonical/huawei ch222 firmware
- version/huawei ch222 firmware/v100r002c00
- canonical/huawei ch222
- canonical/huawei ch240 firmware
- version/huawei ch240 firmware/v100r001c00
- canonical/huawei ch240
- canonical/huawei ch242 firmware
- version/huawei ch242 firmware/v100r001c00
- canonical/huawei ch242
- canonical/huawei ch242 v3 firmware
- version/huawei ch242 v3 firmware/v100r001c00
- canonical/huawei ch242 v3
- canonical/huawei e6000 firmware
- version/huawei e6000 firmware/v100r002c00
- canonical/huawei e6000
- canonical/huawei e6000 chassis firmware
- version/huawei e6000 chassis firmware/v100r001c00
- canonical/huawei e6000 chassis
- canonical/huawei gtsoftx3000 firmware
- version/huawei gtsoftx3000 firmware/v200r001c01spc100
- version/huawei gtsoftx3000 firmware/v200r002c00spc300
- version/huawei gtsoftx3000 firmware/v200r002c10spc100
- canonical/huawei gtsoftx3000
- canonical/huawei oceanstor 18500 firmware
- version/huawei oceanstor 18500 firmware/v100r001c30spc300
- canonical/huawei oceanstor 18500
- canonical/huawei oceanstor 18800 firmware
- version/huawei oceanstor 18800 firmware/v100r001c30spc300
- canonical/huawei oceanstor 18800
- canonical/huawei oceanstor 18800f firmware
- version/huawei oceanstor 18800f firmware/v100r001c30spc300
- canonical/huawei oceanstor 18800f
- canonical/huawei oceanstor hvs85t firmware
- version/huawei oceanstor hvs85t firmware/v100r001c00
- version/huawei oceanstor hvs85t firmware/v100r001c30spc200
- canonical/huawei oceanstor hvs85t
- canonical/huawei oceanstor hvs88t firmware
- version/huawei oceanstor hvs88t firmware/v100r001c00
- version/huawei oceanstor hvs88t firmware/v100r001c30spc200
- canonical/huawei oceanstor hvs88t
- canonical/huawei rh1288 v2 firmware
- version/huawei rh1288 v2 firmware/v100r002c00
- canonical/huawei rh1288 v2
- canonical/huawei rh1288a v2 firmware
- version/huawei rh1288a v2 firmware/v100r002c00
- canonical/huawei rh1288a v2
- canonical/huawei rh2265 v2 firmware
- version/huawei rh2265 v2 firmware/v100r002c00
- canonical/huawei rh2265 v2
- canonical/huawei rh2268 v2 firmware
- version/huawei rh2268 v2 firmware/v100r002c00
- canonical/huawei rh2268 v2
- canonical/huawei rh2285 v2 firmware
- version/huawei rh2285 v2 firmware/v100r002c00
- canonical/huawei rh2285 v2
- canonical/huawei rh2285h v2 firmware
- version/huawei rh2285h v2 firmware/v100r002c00
- canonical/huawei rh2285h v2
- canonical/huawei rh2288 v2 firmware
- version/huawei rh2288 v2 firmware/v100r002c00
- canonical/huawei rh2288 v2
- canonical/huawei rh2288a v2 firmware
- version/huawei rh2288a v2 firmware/v100r002c00
- canonical/huawei rh2288a v2
- canonical/huawei rh2288e v2 firmware
- version/huawei rh2288e v2 firmware/v100r002c00
- canonical/huawei rh2288e v2
- canonical/huawei rh2288h v2 firmware
- version/huawei rh2288h v2 firmware/v100r002c00
- canonical/huawei rh2288h v2
- canonical/huawei rh2485 v2 firmware
- version/huawei rh2485 v2 firmware/v100r002c00
- canonical/huawei rh2485 v2
- canonical/huawei rh5885 v2 firmware
- version/huawei rh5885 v2 firmware/v100r001c00
- canonical/huawei rh5885 v2
- canonical/huawei rh5885 v3 firmware
- version/huawei rh5885 v3 firmware/v100r003c00
- canonical/huawei rh5885 v3
- canonical/huawei smc2.0 firmware
- version/huawei smc2.0 firmware/v500r002c00
- version/huawei smc2.0 firmware/v600r006c00
- canonical/huawei smc2.0
- canonical/huawei seco vsm firmware
- version/huawei seco vsm firmware/v200r002c00
- canonical/huawei seco vsm
- canonical/huawei uma firmware
- version/huawei uma firmware/v200r001c00
- version/huawei uma firmware/v300r001c00
- canonical/huawei uma
- canonical/huawei x6000 firmware
- version/huawei x6000 firmware/v100r002c00
- canonical/huawei x6000
- canonical/huawei x8000 firmware
- version/huawei x8000 firmware/v100r002c20
- canonical/huawei x8000
- canonical/huawei elog firmware
- version/huawei elog firmware/v200r003c10
- canonical/huawei elog
- canonical/huawei espace ecs firmware
- version/huawei espace ecs firmware/v300r001c00
- canonical/huawei espace ecs
- canonical/microsoft remote desktop services