Attacker Value
Unknown
CVE-2019-0708
CVE-2019-0708
(Last updated July 26, 2024) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Metasploit Module
Description
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Remote Desktop Services Remote Code Execution Vulnerability’.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
9.8 Critical
Impact Score:
5.9
Exploitability Score:
3.9
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
- huawei,
- microsoft,
- siemens
Products
- agile controller-campus firmware v100r002c00,
- agile controller-campus firmware v100r002c10,
- aptio firmware,
- atellica solution firmware,
- axiom multix m firmware,
- axiom vertix md trauma firmware,
- axiom vertix solitaire m firmware,
- bh620 v2 firmware v100r002c00,
- bh621 v2 firmware v100r002c00,
- bh622 v2 firmware v100r001c00,
- bh640 v2 firmware v100r002c00,
- centralink firmware,
- ch121 firmware v100r001c00,
- ch140 firmware v100r001c00,
- ch220 firmware v100r001c00,
- ch221 firmware v100r001c00,
- ch222 firmware v100r002c00,
- ch240 firmware v100r001c00,
- ch242 firmware v100r001c00,
- ch242 v3 firmware v100r001c00,
- e6000 chassis firmware v100r001c00,
- e6000 firmware v100r002c00,
- elog firmware v200r003c10,
- espace ecs firmware v300r001c00,
- gtsoftx3000 firmware v200r001c01spc100,
- gtsoftx3000 firmware v200r002c00spc300,
- gtsoftx3000 firmware v200r002c10spc100,
- lantis firmware,
- mobilett xp digital firmware,
- multix pro acss firmware,
- multix pro acss p firmware,
- multix pro firmware,
- multix pro navy firmware,
- multix pro p firmware,
- multix swing firmware,
- multix top acss firmware,
- multix top acss p firmware,
- multix top firmware,
- multix top p firmware,
- oceanstor 18500 firmware v100r001c30spc300,
- oceanstor 18800 firmware v100r001c30spc300,
- oceanstor 18800f firmware v100r001c30spc300,
- oceanstor hvs85t firmware v100r001c00,
- oceanstor hvs85t firmware v100r001c30spc200,
- oceanstor hvs88t firmware v100r001c00,
- oceanstor hvs88t firmware v100r001c30spc200,
- rapidpoint 500 firmware,
- rh1288 v2 firmware v100r002c00,
- rh1288a v2 firmware v100r002c00,
- rh2265 v2 firmware v100r002c00,
- rh2268 v2 firmware v100r002c00,
- rh2285 v2 firmware v100r002c00,
- rh2285h v2 firmware v100r002c00,
- rh2288 v2 firmware v100r002c00,
- rh2288a v2 firmware v100r002c00,
- rh2288e v2 firmware v100r002c00,
- rh2288h v2 firmware v100r002c00,
- rh2485 v2 firmware v100r002c00,
- rh5885 v2 firmware v100r001c00,
- rh5885 v3 firmware v100r003c00,
- seco vsm firmware v200r002c00,
- smc2.0 firmware v500r002c00,
- smc2.0 firmware v600r006c00,
- streamlab firmware,
- syngo lab process manager,
- uma firmware v200r001c00,
- uma firmware v300r001c00,
- vertix solitaire firmware,
- viva e firmware,
- viva twin firmware,
- windows 7 -,
- windows server 2008 -,
- windows server 2008 r2,
- x6000 firmware v100r002c00,
- x8000 firmware v100r002c20
Metasploit Modules
Exploited in the Wild
References
Advisory
