CVE-2019-1181 : Remote Desktop Services Remote Code Execution Vulnerability

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2019-1181 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

Remote Desktop Services Remote Code Execution Vulnerability

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.

来源: 美国国家漏洞数据库 NVD

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Microsoft Windows Remote Desktop Services 访问控制错误漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Microsoft Windows和Microsoft Windows Server都是美国微软（Microsoft）公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows Server是一套服务器操作系统。Remote Desktop Services是其中的一个远程桌面服务组件。 Microsoft Windows中的Remote Desktop Services存在访问控制错误漏洞。攻击者可通过RDP向目标系统远程桌面服务发送特制的请求利用该漏

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE
Microsoft	Windows 10 Version 1703	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10:1703:::::::*`
Microsoft	Windows 10 Version 1803	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10_1809:::::::x64:*`
Microsoft	Windows Server, version 1803 (Server Core Installation)	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_1803::::::::`
Microsoft	Windows 10 Version 1809	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10_1809:::::::x86:*`
Microsoft	Windows Server 2019	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_2019::::::::`
Microsoft	Windows Server 2019 (Server Core installation)	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_2019::::::::`
Microsoft	Windows 10 Version 1709 for 32-bit Systems	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10:1709:::::::*`
Microsoft	Windows 10 Version 1709	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10:1709:::::::*`
Microsoft	Windows 10 Version 1903 for 32-bit Systems	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10:1903:::::::*`
Microsoft	Windows 10 Version 1903 for x64-based Systems	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10:1903:::::::*`
Microsoft	Windows 10 Version 1903 for ARM64-based Systems	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10:1903:::::::*`
Microsoft	Windows Server, version 1903 (Server Core installation)	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_1903::::::::`
Microsoft	Windows 10 Version 1507	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10_1507:::::::x86:*`
Microsoft	Windows 10 Version 1607	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_10_1607:::::::x86:*`
Microsoft	Windows Server 2016	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_2016::::::::`
Microsoft	Windows Server 2016 (Server Core installation)	10.0.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_2016::::::::`
Microsoft	Windows 8.1	6.3.0 ~ publication	`cpe:2.3:o:microsoft:windows_8.1:::::::x86:*`
Microsoft	Windows Server 2012	6.2.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_2012:::::::x64:*`
Microsoft	Windows Server 2012 (Server Core installation)	6.2.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_2012:::::::x64:*`
Microsoft	Windows Server 2012 R2	6.3.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_2012_R2:::::::x64:*`
Microsoft	Windows Server 2012 R2 (Server Core installation)	6.3.0 ~ publication	`cpe:2.3:o:microsoft:windows_server_2012_R2:::::::x64:*`
Microsoft	Microsoft Remote Desktop for Android	0 ~ publication	`cpe:2.3:a:microsoft:remote_desktop:-:::::android::`
Microsoft	Microsoft Remote Desktop for IoS	1.0.0 ~ publication	`cpe:2.3:a:microsoft:remote_desktop:-:::::ios::`
Microsoft	Microsoft Remote Desktop for Mac	1.0.0 ~ publication	`cpe:2.3:a:microsoft:remote_desktop:-:::::mac::`

二、漏洞 CVE-2019-1181 的公开POC

#	POC 描述	源链接	神龙链接
1	None	https://github.com/major203/cve-2019-1181	POC详情

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2019-1181 的情报信息

Please 登录 to view more intelligence information

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-enx_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdfx_refsource_CONFIRM
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2019-1181

四、漏洞 CVE-2019-1181 的评论

暂无评论

支持本站 — 捐款将帮助我们持续运营

一、漏洞 CVE-2019-1181 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2019-1181 的公开POC

三、漏洞 CVE-2019-1181 的情报信息

四、漏洞 CVE-2019-1181 的评论

发表评论

支持本站 — 捐款将帮助我们持续运营

一、 漏洞 CVE-2019-1181 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2019-1181 的公开POC

三、漏洞 CVE-2019-1181 的情报信息

四、漏洞 CVE-2019-1181 的评论

发表评论

一、漏洞 CVE-2019-1181 基础信息