What is the severity of CVE-2019-1181?

CVE-2019-1181 has a severity rating of critical due to its potential for remote code execution.

How do I mitigate CVE-2019-1181?

Mitigating CVE-2019-1181 requires applying the appropriate security patches provided by Microsoft for affected Windows versions.

Which systems are affected by CVE-2019-1181?

CVE-2019-1181 affects multiple versions of Microsoft Windows including Windows 7, 8.1, 10, and various editions of Windows Server.

Can CVE-2019-1181 be exploited remotely?

Yes, CVE-2019-1181 can be exploited remotely by an unauthenticated attacker via the Remote Desktop Protocol (RDP).

Is there a workaround for CVE-2019-1181?

Disabling RDP or applying the latest updates from Microsoft acts as a temporary workaround for CVE-2019-1181.

Vulnerability/
CVE-2019-1181

critical

14/8/2019

4/8/2024

CVE-2019-1181: Remote Desktop Services Remote Code Execution Vulnerability

First published: Wed Aug 14 2019(Updated: )

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows 10
Microsoft Windows 10	=1607
Microsoft Windows 10	=1703
Microsoft Windows 10	=1709
Microsoft Windows 10	=1803
Microsoft Windows 10	=1809
Microsoft Windows 10	=1903
Microsoft Windows 7	=sp1
Microsoft Windows 8.1
Microsoft Windows RT
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Server 2012 x64
Microsoft Windows Server 2012 x64	=r2
Microsoft Windows Server 2016
Microsoft Windows Server 2016	=1803
Microsoft Windows Server 2016	=1903
Microsoft Windows Server 2019

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-1181?
CVE-2019-1181 has a severity rating of critical due to its potential for remote code execution.
How do I mitigate CVE-2019-1181?
Mitigating CVE-2019-1181 requires applying the appropriate security patches provided by Microsoft for affected Windows versions.
Which systems are affected by CVE-2019-1181?
CVE-2019-1181 affects multiple versions of Microsoft Windows including Windows 7, 8.1, 10, and various editions of Windows Server.
Can CVE-2019-1181 be exploited remotely?
Yes, CVE-2019-1181 can be exploited remotely by an unauthenticated attacker via the Remote Desktop Protocol (RDP).
Is there a workaround for CVE-2019-1181?
Disabling RDP or applying the latest updates from Microsoft acts as a temporary workaround for CVE-2019-1181.

agent/type
agent/remedy
agent/references
agent/title
agent/first-publish-date
agent/event
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/microsoft
canonical/microsoft windows 10
version/microsoft windows 10/1607
version/microsoft windows 10/1703
version/microsoft windows 10/1709
version/microsoft windows 10/1803
version/microsoft windows 10/1809
version/microsoft windows 10/1903
canonical/microsoft windows 7
version/microsoft windows 7/sp1
canonical/microsoft windows 8.1
canonical/microsoft windows rt
canonical/microsoft windows server 2008 itanium
version/microsoft windows server 2008 itanium/sp2
canonical/microsoft windows server 2012 x64
version/microsoft windows server 2012 x64/r2
canonical/microsoft windows server 2016
version/microsoft windows server 2016/1803
version/microsoft windows server 2016/1903
canonical/microsoft windows server 2019

Frequently Asked Questions

What is the severity of CVE-2019-1181?
CVE-2019-1181 has a severity rating of critical due to its potential for remote code execution.
How do I mitigate CVE-2019-1181?
Mitigating CVE-2019-1181 requires applying the appropriate security patches provided by Microsoft for affected Windows versions.
Which systems are affected by CVE-2019-1181?
CVE-2019-1181 affects multiple versions of Microsoft Windows including Windows 7, 8.1, 10, and various editions of Windows Server.
Can CVE-2019-1181 be exploited remotely?
Yes, CVE-2019-1181 can be exploited remotely by an unauthenticated attacker via the Remote Desktop Protocol (RDP).
Is there a workaround for CVE-2019-1181?
Disabling RDP or applying the latest updates from Microsoft acts as a temporary workaround for CVE-2019-1181.

CVE-2019-1181: Remote Desktop Services Remote Code Execution Vulnerability

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-1181?

How do I mitigate CVE-2019-1181?

Which systems are affected by CVE-2019-1181?

Can CVE-2019-1181 be exploited remotely?

Is there a workaround for CVE-2019-1181?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2019-1181?

How do I mitigate CVE-2019-1181?

Which systems are affected by CVE-2019-1181?

Can CVE-2019-1181 be exploited remotely?

Is there a workaround for CVE-2019-1181?