Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Very High
Windows Remote Desktop (RDP) Use-after-free vulnerablility, "Bluekeep"
Disclosure Date: May 16, 2019 (last updated September 02, 2020)
A bug in Windows Remote Desktop protocol allows unauthenticated users to run arbitrary code via a specially crafted request to the service. This affects Windows 7/Windows Server 2008 and earlier releases. Given the ubiquity of RDP in corporate environments and the trusted nature of RDP, this could pose serious concerns for ransomware attacks much like WannaCry.
Patches are released for Windows 7/2008 Operating systems as well as Windows XP.
12
Attacker Value
Very High
Insecure RDP
Last updated October 09, 2020
There are active attack campaigns as of October 2020 targeting RDP servers without multi-factor authentication enabled.
8
Attacker Value
Unknown
CVE-2019-0708
Disclosure Date: May 16, 2019 (last updated July 26, 2024)
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
0