Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-0708 (GCVE-0-2019-0708)
Vulnerability from cvelistv5 – Published: 2019-05-16 18:17 – Updated: 2025-10-21 23:45
VLAI?
EPSS
Summary
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
Severity ?
9.8 (Critical)
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Windows |
Affected:
7 for 32-bit Systems Service Pack 1
Affected: 7 for x64-based Systems Service Pack 1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:51:27.186Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-0708",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:17:22.676231Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:45:37.137Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00.000Z",
"value": "CVE-2019-0708 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Windows",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "7 for 32-bit Systems Service Pack 1"
},
{
"status": "affected",
"version": "7 for x64-based Systems Service Pack 1"
}
]
},
{
"product": "Windows Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
},
{
"status": "affected",
"version": "2008 R2 for Itanium-Based Systems Service Pack 1"
},
{
"status": "affected",
"version": "2008 R2 for x64-based Systems Service Pack 1"
},
{
"status": "affected",
"version": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
},
{
"status": "affected",
"version": "2008 for Itanium-Based Systems Service Pack 2"
},
{
"status": "affected",
"version": "2008 for 32-bit Systems Service Pack 2"
},
{
"status": "affected",
"version": "2008 for x64-based Systems Service Pack 2"
},
{
"status": "affected",
"version": "2008 for x64-based Systems Service Pack 2 (Core installation)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T17:06:16.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0708",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "7 for x64-based Systems Service Pack 1"
}
]
}
},
{
"product_name": "Windows Server",
"version": {
"version_data": [
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
},
{
"version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
},
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
},
{
"version_value": "2008 for Itanium-Based Systems Service Pack 2"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
},
{
"name": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
},
{
"name": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
},
{
"name": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
},
{
"name": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
},
{
"name": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2019-0708",
"datePublished": "2019-05-16T18:17:00.000Z",
"dateReserved": "2018-11-26T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:45:37.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2019-0708",
"cwes": "[\"CWE-416\"]",
"dateAdded": "2021-11-03",
"dueDate": "2022-05-03",
"knownRansomwareCampaignUse": "Known",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2019-0708",
"product": "Remote Desktop Services",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests. Successful exploitation allows for remote code execution. The vulnerability is also known under the moniker of BlueKeep.",
"vendorProject": "Microsoft",
"vulnerabilityName": "Microsoft Remote Desktop Services Remote Code Execution Vulnerability"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T17:51:27.186Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-0708\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T16:17:22.676231Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-11-03T00:00:00.000Z\", \"value\": \"CVE-2019-0708 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T16:17:23.064Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"7 for 32-bit Systems Service Pack 1\"}, {\"status\": \"affected\", \"version\": \"7 for x64-based Systems Service Pack 1\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"2008 R2 for x64-based Systems Service Pack 1 (Core installation)\"}, {\"status\": \"affected\", \"version\": \"2008 R2 for Itanium-Based Systems Service Pack 1\"}, {\"status\": \"affected\", \"version\": \"2008 R2 for x64-based Systems Service Pack 1\"}, {\"status\": \"affected\", \"version\": \"2008 for 32-bit Systems Service Pack 2 (Core installation)\"}, {\"status\": \"affected\", \"version\": \"2008 for Itanium-Based Systems Service Pack 2\"}, {\"status\": \"affected\", \"version\": \"2008 for 32-bit Systems Service Pack 2\"}, {\"status\": \"affected\", \"version\": \"2008 for x64-based Systems Service Pack 2\"}, {\"status\": \"affected\", \"version\": \"2008 for x64-based Systems Service Pack 2 (Core installation)\"}]}], \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2021-06-03T17:06:16.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"7 for 32-bit Systems Service Pack 1\"}, {\"version_value\": \"7 for x64-based Systems Service Pack 1\"}]}, \"product_name\": \"Windows\"}, {\"version\": {\"version_data\": [{\"version_value\": \"2008 R2 for x64-based Systems Service Pack 1 (Core installation)\"}, {\"version_value\": \"2008 R2 for Itanium-Based Systems Service Pack 1\"}, {\"version_value\": \"2008 R2 for x64-based Systems Service Pack 1\"}, {\"version_value\": \"2008 for 32-bit Systems Service Pack 2 (Core installation)\"}, {\"version_value\": \"2008 for Itanium-Based Systems Service Pack 2\"}, {\"version_value\": \"2008 for 32-bit Systems Service Pack 2\"}, {\"version_value\": \"2008 for x64-based Systems Service Pack 2\"}, {\"version_value\": \"2008 for x64-based Systems Service Pack 2 (Core installation)\"}]}, \"product_name\": \"Windows Server\"}]}, \"vendor_name\": \"Microsoft\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\", \"name\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\", \"refsource\": \"MISC\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en\", \"name\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en\", \"name\": \"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html\", \"name\": \"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html\", \"name\": \"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html\", \"name\": \"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html\", \"name\": \"http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Remote Code Execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-0708\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@microsoft.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2019-0708\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:45:37.137Z\", \"dateReserved\": \"2018-11-26T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2019-05-16T18:17:00.000Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2019-AVI-223
Vulnerability from certfr_avis - Published: 2019-05-15 - Updated: 2019-05-15
De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges, une exécution de code à distance et un contournement de la fonctionnalité de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows Server 2012 | ||
| Microsoft | Windows | Windows 10 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 1903 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2019 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2019 | ||
| Microsoft | Windows | Windows Server 2012 R2 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes Itanium Service Pack 1 | ||
| Microsoft | Windows | Windows 10 Version 1803 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 10 Version 1803 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows Server, version 1803 (Server Core Installation) | ||
| Microsoft | Windows | Windows 10 Version 1709 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows Server 2016 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 1903 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows RT 8.1 | ||
| Microsoft | Windows | Windows 7 pour systèmes x64 Service Pack 1 | ||
| Microsoft | Windows | Windows 10 Version 1809 pour ARM64-based Systems | ||
| Microsoft | Windows | Windows 10 Version 1709 pour ARM64-based Systems | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 1607 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 1703 pour systèmes x64 | ||
| Microsoft | Windows | Windows Server 2012 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 Version 1803 pour ARM64-based Systems | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes 32 bits Service Pack 2 | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 | ||
| Microsoft | Windows | Windows 8.1 pour systèmes x64 | ||
| Microsoft | Windows | Windows 10 Version 1703 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows Server 2016 | ||
| Microsoft | Windows | Windows Server 2008 pour systèmes Itanium Service Pack 2 | ||
| Microsoft | Windows | Windows 10 Version 1903 pour ARM64-based Systems | ||
| Microsoft | Windows | Windows 8.1 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation) | ||
| Microsoft | Windows | Windows Server 2012 R2 (Server Core installation) | ||
| Microsoft | Windows | Windows 10 pour systèmes 32 bits | ||
| Microsoft | Windows | Windows 7 pour systèmes 32 bits Service Pack 1 | ||
| Microsoft | Windows | Windows 10 Version 1709 pour 64-based Systems | ||
| Microsoft | Windows | Windows Server, version 1903 (Server Core installation) |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2012",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1903 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes Itanium Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1803 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1803 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server, version 1803 (Server Core Installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1709 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1903 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows RT 8.1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 7 pour syst\u00e8mes x64 Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour ARM64-based Systems",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1709 pour ARM64-based Systems",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1703 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1803 pour ARM64-based Systems",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 8.1 pour syst\u00e8mes x64",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1703 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 pour syst\u00e8mes Itanium Service Pack 2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1903 pour ARM64-based Systems",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 8.1 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 pour syst\u00e8mes 32 bits",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 7 pour syst\u00e8mes 32 bits Service Pack 1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1709 pour 64-based Systems",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server, version 1903 (Server Core installation)",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0734",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0734"
},
{
"name": "CVE-2019-0882",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0882"
},
{
"name": "CVE-2019-0896",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0896"
},
{
"name": "CVE-2019-0733",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0733"
},
{
"name": "CVE-2019-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0727"
},
{
"name": "CVE-2019-0890",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0890"
},
{
"name": "CVE-2019-0886",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0886"
},
{
"name": "CVE-2019-0893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0893"
},
{
"name": "CVE-2019-0931",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0931"
},
{
"name": "CVE-2019-0863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0863"
},
{
"name": "CVE-2019-0885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0885"
},
{
"name": "CVE-2019-0881",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0881"
},
{
"name": "CVE-2019-0961",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0961"
},
{
"name": "CVE-2019-0902",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0902"
},
{
"name": "CVE-2019-0894",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0894"
},
{
"name": "CVE-2019-0899",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0899"
},
{
"name": "CVE-2019-0889",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0889"
},
{
"name": "CVE-2019-0936",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0936"
},
{
"name": "CVE-2019-0895",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0895"
},
{
"name": "CVE-2019-0898",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0898"
},
{
"name": "CVE-2019-0903",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0903"
},
{
"name": "CVE-2019-0892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0892"
},
{
"name": "CVE-2019-0891",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0891"
},
{
"name": "CVE-2019-0901",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0901"
},
{
"name": "CVE-2019-0897",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0897"
},
{
"name": "CVE-2019-0942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0942"
},
{
"name": "CVE-2019-0758",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0758"
},
{
"name": "CVE-2019-0707",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0707"
},
{
"name": "CVE-2019-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
},
{
"name": "CVE-2019-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0725"
},
{
"name": "CVE-2019-0900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0900"
}
],
"initial_release_date": "2019-05-15T00:00:00",
"last_revision_date": "2019-05-15T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-223",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-05-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une\n\u00e9l\u00e9vation de privil\u00e8ges, une ex\u00e9cution de code \u00e0 distance et un\ncontournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 14 mai 2019",
"url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
}
]
}
CERTFR-2019-AVI-240
Vulnerability from certfr_avis - Published: 2019-05-27 - Updated: 2019-05-27
Une vulnérabilité a été découverte dans les produits Siemens. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | syngo Lab Process Manager | ||
| Siemens | N/A | Medicalis Intelligo | ||
| Siemens | N/A | Medicalis Workflow Orchestrator | ||
| Siemens | N/A | Rapid Point 500 versions 2.2, 2.2.1, 2.2.2, 2.3, 2.3.1 et 2.3.2 | ||
| Siemens | N/A | System ACOM.net 2.0, Mat. Nr. 05568386 (VC20A, VC21B, VC22B and VX22A) | ||
| Siemens | N/A | CentraLink | ||
| Siemens | N/A | StreamLab | ||
| Siemens | N/A | Medicalis Referral Management | ||
| Siemens | N/A | CS 5100 toutes versions sur Windows XP et Windows 7 | ||
| Siemens | N/A | SYSTEM ACOM.NET, Mat. Nr. 04815549 (VC20A, VC21B, VC22B and VX22A) | ||
| Siemens | N/A | Sensis SIS Server Machine, Mat. Nr. 06648153 (VC11C/D, VC12B/C, VC12L/M) | ||
| Siemens | N/A | syngo.via WebViewer | ||
| Siemens | N/A | syngo Imaging | ||
| Siemens | N/A | SENSIS Dell High-End Server (VC12), Mat. Nr.10910620 (VC11C/D, VC12B/C, VC12L/M) | ||
| Siemens | N/A | AXIOM Vertix MD Trauma toutes versions avec Canon Detector | ||
| Siemens | N/A | MULTIX PRO ACSS P toutes versions avec Canon Detector | ||
| Siemens | N/A | VERTIX SOLITAIRE toutes versions avec Canon Detector | ||
| Siemens | N/A | AUWi | ||
| Siemens | N/A | VM SIS Virtual Server, Mat. Nr. 10765502 (VC11C/D, VC12B/C, VC12L/M) | ||
| Siemens | N/A | MagicLinkA | ||
| Siemens | N/A | syngo.via | ||
| Siemens | N/A | syngo Workflow MLR | ||
| Siemens | N/A | Atellica COAG 360 toutes versions sur Windows 7 | ||
| Siemens | N/A | AXIOM Multix M toutes versions avec Canon Detector | ||
| Siemens | N/A | MULTIX Swing toutes versions avec Canon Detector | ||
| Siemens | N/A | Atellica Solution | ||
| Siemens | N/A | Viva E | ||
| Siemens | N/A | BCS XP toutes versions sur Windows XP et Windows 7 | ||
| Siemens | N/A | MULTIX TOP toutes versions avec Canon Detector | ||
| Siemens | N/A | AUWi Pro | ||
| Siemens | N/A | Sensis High End SIS Server, Mat. Nr. 10140973 (VC11C/D, VC12B/C, VC12L/M) | ||
| Siemens | N/A | syngo Plaza | ||
| Siemens | N/A | Medicalis Clinical Decision Support | ||
| Siemens | N/A | teamplay (receiver) | ||
| Siemens | N/A | Atellica NEPH 630 toutes versions sur Windows 7 | ||
| Siemens | N/A | Screening Navigator | ||
| Siemens | N/A | Lantis | ||
| Siemens | N/A | MULTIX TOP ACSS toutes versions avec Canon Detector | ||
| Siemens | N/A | CS 2100 toutes versions sur Windows XP et Windows 7 | ||
| Siemens | N/A | CS 2500 toutes versions sur Windows 7 | ||
| Siemens | N/A | AXIOM Vertix Solitaire M toutes versions avec Canon Detector | ||
| Siemens | N/A | MULTIX PRO P toutes versions avec Canon Detector | ||
| Siemens | N/A | MOBILETT XP Digital toutes versions avec Canon Detector | ||
| Siemens | N/A | System ACOM-Net, Mat. Nr. 5903872 (VC20A, VC21B, VC22B and VX22A) | ||
| Siemens | N/A | MagicView300 | ||
| Siemens | N/A | BN ProSpec toutes versions sur Windows XP et Windows 7 | ||
| Siemens | N/A | MagicView1000W | ||
| Siemens | N/A | MULTIX PRO/PRO ACSS/PRO Navy toutes versions avec Canon Detector | ||
| Siemens | N/A | Aptio by Inpeco | ||
| Siemens | N/A | syngo Workflow SLR | ||
| Siemens | N/A | syngo Dynamics | ||
| Siemens | N/A | Viva Twin | ||
| Siemens | N/A | CS 2000 toutes versions sur Windows XP et Windows 7 | ||
| Siemens | N/A | MULTIX TOP P/TOP ACSS P toutes versions avec Canon Detector | ||
| Siemens | N/A | syngo.via View&GO | ||
| Siemens | N/A | Aptio by Siemens |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "syngo Lab Process Manager",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Medicalis Intelligo",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Medicalis Workflow Orchestrator",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Rapid Point 500 versions 2.2, 2.2.1, 2.2.2, 2.3, 2.3.1 et 2.3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "System ACOM.net 2.0, Mat. Nr. 05568386 (VC20A, VC21B, VC22B and VX22A)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CentraLink",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "StreamLab",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Medicalis Referral Management",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CS 5100 toutes versions sur Windows XP et Windows 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SYSTEM ACOM.NET, Mat. Nr. 04815549 (VC20A, VC21B, VC22B and VX22A)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sensis SIS Server Machine, Mat. Nr. 06648153 (VC11C/D, VC12B/C, VC12L/M)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "syngo.via WebViewer",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "syngo Imaging",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENSIS Dell High-End Server (VC12), Mat. Nr.10910620 (VC11C/D, VC12B/C, VC12L/M)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "AXIOM Vertix MD Trauma toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MULTIX PRO ACSS P toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "VERTIX SOLITAIRE toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "AUWi",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "VM SIS Virtual Server, Mat. Nr. 10765502 (VC11C/D, VC12B/C, VC12L/M)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MagicLinkA",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "syngo.via",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "syngo Workflow MLR",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Atellica COAG 360 toutes versions sur Windows 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "AXIOM Multix M toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MULTIX Swing toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Atellica Solution",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Viva E",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "BCS XP toutes versions sur Windows XP et Windows 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MULTIX TOP toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "AUWi Pro",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sensis High End SIS Server, Mat. Nr. 10140973 (VC11C/D, VC12B/C, VC12L/M)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "syngo Plaza",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Medicalis Clinical Decision Support",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "teamplay (receiver)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Atellica NEPH 630 toutes versions sur Windows 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Screening Navigator",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Lantis",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MULTIX TOP ACSS toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CS 2100 toutes versions sur Windows XP et Windows 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CS 2500 toutes versions sur Windows 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "AXIOM Vertix Solitaire M toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MULTIX PRO P toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MOBILETT XP Digital toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "System ACOM-Net, Mat. Nr. 5903872 (VC20A, VC21B, VC22B and VX22A)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MagicView300",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "BN ProSpec toutes versions sur Windows XP et Windows 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MagicView1000W",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MULTIX PRO/PRO ACSS/PRO Navy toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Aptio by Inpeco",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "syngo Workflow SLR",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "syngo Dynamics",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Viva Twin",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CS 2000 toutes versions sur Windows XP et Windows 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MULTIX TOP P/TOP ACSS P toutes versions avec Canon Detector",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "syngo.via View\u0026GO",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Aptio by Siemens",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
}
],
"initial_release_date": "2019-05-27T00:00:00",
"last_revision_date": "2019-05-27T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-240",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-05-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Siemens. Elle\npermet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"title": "SCADA Vuln\u00e9rabilit\u00e9 dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-932041 du 24 mai 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-166360 du 24 mai 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-832947 du 24 mai 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
},
{
"published_at": null,
"title": "Alerte CERT-FR CERTFR-2019-ALE-006 du 15 mai 2019",
"url": "https://www.cert.ssi.gouv.fr/alerte/CERTFR-2019-ALE-006/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-616199 du 24 mai 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-406175 du 24 mai 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-433987 du 24 mai 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
}
]
}
CERTFR-2019-AVI-311
Vulnerability from certfr_avis - Published: 2019-07-09 - Updated: 2019-07-09
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIPROTEC 5 types 6MD85, 6MD86,6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87,7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86,7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82,7UT85, 7UT86, 7UT87 et 7VE85 versions antérieures à V7.90 | ||
| Siemens | N/A | Spectrum Power 3, 4, 5 et 7 | ||
| Siemens | N/A | SIMATIC WinCC V7.4 versions antérieures à V7.4 SP1 Upd 11 | ||
| Siemens | N/A | RAPIDPoint 500 | ||
| Siemens | N/A | SIMATIC IPC627E avec un BIOS d'une version antérieure à V25.02.04 | ||
| Siemens | N/A | SIMATIC PCS 7 V8.2 avec WinCC versions antérieures à V7.4 SP1 Upd 11 | ||
| Siemens | N/A | SENSIS Dell High-End Server (VC12), Mat. Nr.10910620: versions antérieures à VC12M sans le correctif AX037/19/P | ||
| Siemens | N/A | Sensis SIS Server Machine, Mat. Nr. 06648153: versions antérieures à VC11D, VC12M, VD11B sans le correctif AX037/19/P | ||
| Siemens | N/A | SIMATIC RF68XR versions antérieures à V3.2.1 | ||
| Siemens | N/A | SIMATIC IPC427E avec un BIOS d'une version antérieure à V21.01.11 | ||
| Siemens | N/A | SIMATIC IPC647E avec un BIOS d'une version antérieure à V25.02.04 | ||
| Siemens | N/A | TIA Administrator versions antérieures à V1.0 SP1 Upd1 | ||
| Siemens | N/A | SIMATIC WinCC V7.5 versions antérieures à V7.5 Upd 3 | ||
| Siemens | N/A | SIMATIC IPC847E avec un BIOS d'une version antérieure à V25.02.04 | ||
| Siemens | N/A | SIMATIC IPC677E avec un BIOS d'une version antérieure à V25.02.04 | ||
| Siemens | N/A | SIMATIC RF615R versions antérieures à V3.2.1 | ||
| Siemens | N/A | SIMATIC IPC477E Pro avec un BIOS d'une version antérieure à V21.01.11 | ||
| Siemens | N/A | Sensis High End SIS Server, Mat. Nr. 10140973: versions antérieures à VC11D, VC12M sans le correctif AX037/19/P | ||
| Siemens | N/A | SIMATIC IPC477E avec un BIOS d'une version antérieure à V21.01.11 | ||
| Siemens | N/A | DIGSI 5 versions antérieures à V7.90 | ||
| Siemens | N/A | SIMATIC PCS 7 V9.0 avec WinCC versions antérieures à V7.4 SP1 Upd 11 | ||
| Siemens | N/A | VM SIS Virtual Server, Mat. Nr. 10765502: versions antérieures à VC12M sans le correctif AX037/19/P |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIPROTEC 5 types 6MD85, 6MD86,6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87,7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86,7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82,7UT85, 7UT86, 7UT87 et 7VE85 versions ant\u00e9rieures \u00e0 V7.90",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Spectrum Power 3, 4, 5 et 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V7.4 versions ant\u00e9rieures \u00e0 V7.4 SP1 Upd 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RAPIDPoint 500",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC627E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V25.02.04",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS 7 V8.2 avec WinCC versions ant\u00e9rieures \u00e0 V7.4 SP1 Upd 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENSIS Dell High-End Server (VC12), Mat. Nr.10910620: versions ant\u00e9rieures \u00e0 VC12M sans le correctif AX037/19/P",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sensis SIS Server Machine, Mat. Nr. 06648153: versions ant\u00e9rieures \u00e0 VC11D, VC12M, VD11B sans le correctif AX037/19/P",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF68XR versions ant\u00e9rieures \u00e0 V3.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC427E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V21.01.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC647E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V25.02.04",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Administrator versions ant\u00e9rieures \u00e0 V1.0 SP1 Upd1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 Upd 3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC847E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V25.02.04",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC677E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V25.02.04",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF615R versions ant\u00e9rieures \u00e0 V3.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477E Pro avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V21.01.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sensis High End SIS Server, Mat. Nr. 10140973: versions ant\u00e9rieures \u00e0 VC11D, VC12M sans le correctif AX037/19/P",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V21.01.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "DIGSI 5 versions ant\u00e9rieures \u00e0 V7.90",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS 7 V9.0 avec WinCC versions ant\u00e9rieures \u00e0 V7.4 SP1 Upd 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "VM SIS Virtual Server, Mat. Nr. 10765502: versions ant\u00e9rieures \u00e0 VC12M sans le correctif AX037/19/P",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-11091",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
},
{
"name": "CVE-2016-6329",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6329"
},
{
"name": "CVE-2018-12127",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
},
{
"name": "CVE-2018-12130",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
},
{
"name": "CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"name": "CVE-2019-10930",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10930"
},
{
"name": "CVE-2019-10915",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10915"
},
{
"name": "CVE-2019-10931",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10931"
},
{
"name": "CVE-2019-10935",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10935"
},
{
"name": "CVE-2018-12126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
},
{
"name": "CVE-2019-10933",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10933"
},
{
"name": "CVE-2019-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
}
],
"initial_release_date": "2019-07-09T00:00:00",
"last_revision_date": "2019-07-09T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-311",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-07-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-166360 du 09 juillet 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-616199 du 09 juillet 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-121293 du 09 juillet 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-721298 du 09 juillet 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-616472 du 09 juillet 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-747162 du 09 juillet 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-747162.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-899560 du 09 juillet 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-556833 du 09 juillet 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf"
}
]
}
CERTFR-2019-AVI-553
Vulnerability from certfr_avis - Published: 2019-11-12 - Updated: 2019-11-12
De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Conext Control toutes versions
- EcoStruxure Substation Operation Gateway, anciennement PACiS Gateway, versions antérieures à 3.606.100.600.1
- Triconex TriStation Emulator Version 1.2.0
- Toutes les variantes de EGX100:
- EGX100SD
- EGX100MG
- EGX100SQD
- EGX100SDR
- EGX100M
- EGX100MGAA
- EGX100MGBA
- EGX100MGBB
- EGX100MGBC
- Toutes les variantes de ECI850:
- ECI850
- ECI850MG
- ConneXium Industrial Firewall/Router:
- TCSEFEC2CF3F21 (MM/TX) versions antérieures à V5.33
- TCSEFEC23FCF21 (TX/MM) versions antérieures à V5.33
- TCSEFEC23F3F21 (TX/TX) versions antérieures à V5.33
- Easergy Micom C264 versions antérieures à D5.24 – C264 D5.X, 1.79 – C264 D1.X et D4.25 – C264 D4.X
- Modicon X80 modules d'I/O:
- Modicon M580 IEC 61850 module
- Modicon Network Option Switch
- Modicon X80 - I/O Drop Adapters
- Modicon X80 - BMEAHI0812 HART Analog Input Module
- Modicon Momentum Unity
- Modicon Quantum 140 CRA
- Modicon Quantum Head 140 CRP
- Modicon Quantum 140 NOP Communications Module
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eConext Control toutes versions\u003c/li\u003e \u003cli\u003eEcoStruxure Substation Operation Gateway, anciennement PACiS Gateway, versions ant\u00e9rieures \u00e0 3.606.100.600.1\u003c/li\u003e \u003cli\u003eTriconex TriStation Emulator Version 1.2.0\u003c/li\u003e \u003cli\u003eToutes les variantes de EGX100: \u003cul\u003e \u003cli\u003eEGX100SD\u003c/li\u003e \u003cli\u003eEGX100MG\u003c/li\u003e \u003cli\u003eEGX100SQD\u003c/li\u003e \u003cli\u003eEGX100SDR\u003c/li\u003e \u003cli\u003eEGX100M\u003c/li\u003e \u003cli\u003eEGX100MGAA\u003c/li\u003e \u003cli\u003eEGX100MGBA\u003c/li\u003e \u003cli\u003eEGX100MGBB\u003c/li\u003e \u003cli\u003eEGX100MGBC\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eToutes les variantes de ECI850: \u003cul\u003e \u003cli\u003eECI850\u003c/li\u003e \u003cli\u003eECI850MG\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eConneXium Industrial Firewall/Router: \u003cul\u003e \u003cli\u003eTCSEFEC2CF3F21 (MM/TX) versions ant\u00e9rieures \u00e0 V5.33\u003c/li\u003e \u003cli\u003eTCSEFEC23FCF21 (TX/MM) versions ant\u00e9rieures \u00e0 V5.33\u003c/li\u003e \u003cli\u003eTCSEFEC23F3F21 (TX/TX) versions ant\u00e9rieures \u00e0 V5.33\u003c/li\u003e \u003cli\u003eEasergy Micom C264 versions ant\u00e9rieures \u00e0 D5.24 \u2013 C264 D5.X, 1.79 \u2013 C264 D1.X et D4.25 \u2013 C264 D4.X\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eModicon X80 modules d\u0027I/O: \u003cul\u003e \u003cli\u003eModicon M580 IEC 61850 module\u003c/li\u003e \u003cli\u003eModicon Network Option Switch\u003c/li\u003e \u003cli\u003eModicon X80 - I/O Drop Adapters\u003c/li\u003e \u003cli\u003eModicon X80 - BMEAHI0812 HART Analog Input Module\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eModicon Momentum Unity\u003c/li\u003e \u003cli\u003eModicon Quantum 140 CRA\u003c/li\u003e \u003cli\u003eModicon Quantum Head 140 CRP\u003c/li\u003e \u003cli\u003eModicon Quantum 140 NOP Communications Module\u003c/li\u003e \u003c/ul\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-11091",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
},
{
"name": "CVE-2018-7803",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7803"
},
{
"name": "CVE-2019-1182",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1182"
},
{
"name": "CVE-2019-1222",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1222"
},
{
"name": "CVE-2018-12127",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
},
{
"name": "CVE-2019-1224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1224"
},
{
"name": "CVE-2018-12130",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
},
{
"name": "CVE-2019-1226",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1226"
},
{
"name": "CVE-2019-1223",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1223"
},
{
"name": "CVE-2019-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1225"
},
{
"name": "CVE-2019-1181",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1181"
},
{
"name": "CVE-2018-12126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
},
{
"name": "CVE-2018-7834",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7834"
},
{
"name": "CVE-2019-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
}
],
"initial_release_date": "2019-11-12T00:00:00",
"last_revision_date": "2019-11-12T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-553",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-11-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SESB-2019-214-01 du 12 novembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SESB-2019-214-01-Wind_River_VxWorks_Security_Bulletin_V2.2.pdf\u0026p_Doc_Ref=SESB-2019-214-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-134-07 du 12 novembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-134-07_ConneXium_and_PowerLogic_Gateway_V2.pdf\u0026p_Doc_Ref=SEVD-2019-134-07"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-193-02 du 12 novembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-193-02_MicrosoftRDS-Product_InformationV1.4.pdf\u0026p_Doc_Ref=SEVD-2019-193-02"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-071-03 du 12 novembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-071-03-TriStation_Emulator_V2.pdf\u0026p_Doc_Ref=SEVD-2019-071-03"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-267-01 du 12 novembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-267-01_MicrosoftRDS-DejaBlue-Product_InformationV1.1.pdf\u0026p_Doc_Ref=SEVD-2019-267-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-193-01 du 12 novembre 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-193-01_IntelMDS-Product_InformationV1.3.pdf\u0026p_Doc_Ref=SEVD-2019-193-01"
}
]
}
CVE-2019-0708
Vulnerability from fstec - Published: 16.05.2019
VLAI Severity ?
Title
Уязвимость службы удаленного рабочего стола Remote Desktop Services (RDS) операционных систем Windows, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость службы удаленного рабочего стола Remote Desktop Services (RDS) операционных систем Windows связана с ошибками обработки запросов. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо,выполнить произвольный код с помощью специально созданного RDP-запроса
Severity ?
Vendor
Intel Corp., Siemens AG
Software Name
Intel Pentium, Intel Celeron, SIMATIC IPC427C, SIMATIC IPC477C, SINUMERIK 840D sl, SINUMERIK TCU 30.3, SINUMERIK PCU 50.5, 8th Generation Intel Core, 8th Generation Intel Core i7, 5th Generation Intel Core, 9th Generation Intel Core, 4th Generation Intel Core, 3th Generation Intel Core, 6th Generation Intel Core, Legacy Intel Celeron, Legacy Intel Core, Legacy Intel Pentium, Intel Xeon E3, Intel Puma, Intel Atom C Series, Intel Pentium Silver Series, Intel Xeon E5 v3, Intel Xeon E7 v3, Intel Xeon E3 v3, Intel Xeon E Series, Intel Pentium Gold Series, Intel Celeron G Series, Intel Pentium J Series, Intel Pentium N Series, Intel Celeron J Series, Intel Celeron N Series, Intel Atom A Series, Intel Atom E3900 Series, Intel Xeon D, Intel Core X-series, Intel Xeon E5 v4, Intel Xeon E7 v4, Intel Xeon E3 v4, Intel Atom X series, Intel Xeon E5 v2, Intel Xeon E7 v2, Intel Xeon E3 v2, Intel Xeon E3 v6, Intel Xeon E5, Intel Xeon Scalable, Intel Xeon E3 v5, Intel Celeron W, Intel Atom Z series, Intel Atom E3800 Series, Intel Mobile Communications Platforms, SIMATIC Field PG M4, SIMATIC Field PG M5, SIMATIC Field PG M6, SIMATIC IPC377E, SIMATIC IPC347E, SIMATIC IPC327E, SIMATIC IPC427D, SIMATIC IPC427E, SIMATIC IPC477D, SIMATIC IPC477E, SIMATIC IPC477E Pro, SIMATIC IPC547E, SIMATIC IPC547G, SIMATIC IPC627C, SIMATIC IPC627D, SIMATIC IPC647C, SIMATIC IPC647D, SIMATIC IPC677C, SIMATIC IPC677D, SIMATIC IPC827C, SIMATIC IPC827D, SIMATIC IPC847C, SIMATIC IPC847D, SIMATIC IPC847E, SIMATIC IPC677E, SIMATIC IPC627E, SIMATIC IPC527G, SIMATIC IPC127E, SIMATIC IPC2X7E, SIMATIC IPC3000 SMART V2, SIMATIC ITP1000, SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP, SIMOTION P320-4E, SIMOTION P320-4S, SINUMERIK Panels with integrated TCU
Software Version
- (Intel Pentium), - (Intel Celeron), - (SIMATIC IPC427C), - (SIMATIC IPC477C), - (SINUMERIK 840D sl), - (SINUMERIK TCU 30.3), - (SINUMERIK PCU 50.5), - (8th Generation Intel Core), - (8th Generation Intel Core i7), - (5th Generation Intel Core), - (9th Generation Intel Core), - (4th Generation Intel Core), - (3th Generation Intel Core), - (6th Generation Intel Core), - (Legacy Intel Celeron), - (Legacy Intel Core), - (Legacy Intel Pentium), - (Intel Xeon E3), - (Intel Puma), - (Intel Atom C Series), - (Intel Pentium Silver Series), - (Intel Xeon E5 v3), - (Intel Xeon E7 v3), - (Intel Xeon E3 v3), - (Intel Xeon E Series), - (Intel Pentium Gold Series), - (Intel Celeron G Series), - (Intel Pentium J Series), - (Intel Pentium N Series), - (Intel Celeron J Series), - (Intel Celeron N Series), - (Intel Atom A Series), - (Intel Atom E3900 Series), - (Intel Xeon D), - (Intel Core X-series), - (Intel Xeon E5 v4), - (Intel Xeon E7 v4), - (Intel Xeon E3 v4), - (Intel Atom X series), - (Intel Xeon E5 v2), - (Intel Xeon E7 v2), - (Intel Xeon E3 v2), - (Intel Xeon E3 v6), - (Intel Xeon E5), - (Intel Xeon Scalable), - (Intel Xeon E3 v5), - (Intel Celeron W), - (Intel Atom Z series), - (Intel Atom E3800 Series), - (Intel Mobile Communications Platforms), - (SIMATIC Field PG M4), - (SIMATIC Field PG M5), - (SIMATIC Field PG M6), - (SIMATIC IPC377E), - (SIMATIC IPC347E), - (SIMATIC IPC327E), - (SIMATIC IPC427D), до 21.01.11 (SIMATIC IPC427E), - (SIMATIC IPC477D), до 21.01.11 (SIMATIC IPC477E), до 21.01.11 (SIMATIC IPC477E Pro), - (SIMATIC IPC547E), - (SIMATIC IPC547G), - (SIMATIC IPC627C), - (SIMATIC IPC627D), - (SIMATIC IPC647C), - (SIMATIC IPC647D), - (SIMATIC IPC677C), - (SIMATIC IPC677D), - (SIMATIC IPC827C), - (SIMATIC IPC827D), - (SIMATIC IPC847C), - (SIMATIC IPC847D), до 25.02.04 (SIMATIC IPC847E), до 25.02.04 (SIMATIC IPC677E), до 25.02.04 (SIMATIC IPC627E), - (SIMATIC IPC527G), - (SIMATIC IPC127E), - (SIMATIC IPC2X7E), - (SIMATIC IPC3000 SMART V2), - (SIMATIC ITP1000), - (SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP), - (SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP), - (SIMOTION P320-4E), - (SIMOTION P320-4S), - (SINUMERIK Panels with integrated TCU)
Possible Mitigations
Для ОС Windows использование рекомендаций:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
Для Sensis SIS Server Machine, Mat. Nr. 06648153 VC11D, VC12M, VD11B, Sensis SIS Server Machine, Mat. Nr. 10140973 VC11D, VC12M, SENSIS Dell High-End Server (VC12), Mat. Nr. 10910620 VC12M и VM SIS Virtual Server, Mat. Nr. 10765502 VC12M до AX037/19/P
Для Sensis SIS Server Machine, Mat. Nr. 06648153 VC11C и Sensis SIS Server Machine, Mat. Nr. 10140973 VC11C, до VC11D для последующего обновления до AX037/19/P
Для Sensis SIS Server Machine, Mat. Nr. 06648153 VC12B/C, VC12L, Sensis SIS Server Machine, Mat. Nr. 10140973 VC1B/C, VC12L, SENSIS Dell High-End Server (VC12), Mat. Nr. 10910620 VC12B/C, VC12L и VM SIS Virtual Server, Mat. Nr. 10765502 VC12L до VC12M для последующего обновления до AX037/19/P
Для Sensis SIS Server Machine, Mat. Nr. 06648153 VD11A до VD11B для последующего обновления до AX037/19/P
Для Atellica COAG 360 использование рекомендаций:
https://doclib.healthcare.siemens.com/home
Для Atellica NEPH 630 использование рекомендаций:
https://doclib.healthcare.siemens.com/home
Для BCS XP использование рекомендаций:
https://doclib.healthcare.siemens.com/home
Для BN ProSpec использование рекомендаций:
https://doclib.healthcare.siemens.com/home
Для CS 2000, CS 2100, CS 2500, CS 5100 компенсирующие меры:
Блокировка порта 3389/TCP
Настроить процедуры резервного копирования и восстановления системы
Защитить внешнюю среду в соответствии с рекомендациями Microsoft
Для SYSTEM ACOM.NET, Mat. Nr. 04815549, System ACOM.net 2.0, Mat. Nr. 05568386 и System ACOM-Net, Mat. Nr. 5903872 VC20A, VC21B, VC22B, VX22A:
Отключить обновления протокола удаленного рабочего стола
Reference
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
https://nvd.nist.gov/vuln/detail/CVE-2019-0708
https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf
https://doclib.healthcare.siemens.com/home
CWE
CWE-20
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Intel Corp., Siemens AG",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Intel Pentium), - (Intel Celeron), - (SIMATIC IPC427C), - (SIMATIC IPC477C), - (SINUMERIK 840D sl), - (SINUMERIK TCU 30.3), - (SINUMERIK PCU 50.5), - (8th Generation Intel Core), - (8th Generation Intel Core i7), - (5th Generation Intel Core), - (9th Generation Intel Core), - (4th Generation Intel Core), - (3th Generation Intel Core), - (6th Generation Intel Core), - (Legacy Intel Celeron), - (Legacy Intel Core), - (Legacy Intel Pentium), - (Intel Xeon E3), - (Intel Puma), - (Intel Atom C Series), - (Intel Pentium Silver Series), - (Intel Xeon E5 v3), - (Intel Xeon E7 v3), - (Intel Xeon E3 v3), - (Intel Xeon E Series), - (Intel Pentium Gold Series), - (Intel Celeron G Series), - (Intel Pentium J Series), - (Intel Pentium N Series), - (Intel Celeron J Series), - (Intel Celeron N Series), - (Intel Atom A Series), - (Intel Atom E3900 Series), - (Intel Xeon D), - (Intel Core X-series), - (Intel Xeon E5 v4), - (Intel Xeon E7 v4), - (Intel Xeon E3 v4), - (Intel Atom X series), - (Intel Xeon E5 v2), - (Intel Xeon E7 v2), - (Intel Xeon E3 v2), - (Intel Xeon E3 v6), - (Intel Xeon E5), - (Intel Xeon Scalable), - (Intel Xeon E3 v5), - (Intel Celeron W), - (Intel Atom Z series), - (Intel Atom E3800 Series), - (Intel Mobile Communications Platforms), - (SIMATIC Field PG M4), - (SIMATIC Field PG M5), - (SIMATIC Field PG M6), - (SIMATIC IPC377E), - (SIMATIC IPC347E), - (SIMATIC IPC327E), - (SIMATIC IPC427D), \u0434\u043e 21.01.11 (SIMATIC IPC427E), - (SIMATIC IPC477D), \u0434\u043e 21.01.11 (SIMATIC IPC477E), \u0434\u043e 21.01.11 (SIMATIC IPC477E Pro), - (SIMATIC IPC547E), - (SIMATIC IPC547G), - (SIMATIC IPC627C), - (SIMATIC IPC627D), - (SIMATIC IPC647C), - (SIMATIC IPC647D), - (SIMATIC IPC677C), - (SIMATIC IPC677D), - (SIMATIC IPC827C), - (SIMATIC IPC827D), - (SIMATIC IPC847C), - (SIMATIC IPC847D), \u0434\u043e 25.02.04 (SIMATIC IPC847E), \u0434\u043e 25.02.04 (SIMATIC IPC677E), \u0434\u043e 25.02.04 (SIMATIC IPC627E), - (SIMATIC IPC527G), - (SIMATIC IPC127E), - (SIMATIC IPC2X7E), - (SIMATIC IPC3000 SMART V2), - (SIMATIC ITP1000), - (SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP), - (SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP), - (SIMOTION P320-4E), - (SIMOTION P320-4S), - (SINUMERIK Panels with integrated TCU)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f \u041e\u0421 Windows \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\n\n\u0414\u043b\u044f Sensis SIS Server Machine, Mat. Nr. 06648153 VC11D, VC12M, VD11B, Sensis SIS Server Machine, Mat. Nr. 10140973 VC11D, VC12M, SENSIS Dell High-End Server (VC12), Mat. Nr. 10910620 VC12M \u0438 VM SIS Virtual Server, Mat. Nr. 10765502 VC12M \u0434\u043e AX037/19/P\n\u0414\u043b\u044f Sensis SIS Server Machine, Mat. Nr. 06648153 VC11C \u0438 Sensis SIS Server Machine, Mat. Nr. 10140973 VC11C, \u0434\u043e VC11D \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e AX037/19/P\n\u0414\u043b\u044f Sensis SIS Server Machine, Mat. Nr. 06648153 VC12B/C, VC12L, Sensis SIS Server Machine, Mat. Nr. 10140973 VC1B/C, VC12L, SENSIS Dell High-End Server (VC12), Mat. Nr. 10910620 VC12B/C, VC12L \u0438 VM SIS Virtual Server, Mat. Nr. 10765502 VC12L \u0434\u043e VC12M \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e AX037/19/P\n\u0414\u043b\u044f Sensis SIS Server Machine, Mat. Nr. 06648153 VD11A \u0434\u043e VD11B \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e AX037/19/P\n\u0414\u043b\u044f Atellica COAG 360 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://doclib.healthcare.siemens.com/home\n\u0414\u043b\u044f Atellica NEPH 630 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://doclib.healthcare.siemens.com/home\n\u0414\u043b\u044f BCS XP \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://doclib.healthcare.siemens.com/home\n\u0414\u043b\u044f BN ProSpec \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://doclib.healthcare.siemens.com/home\n\n\u0414\u043b\u044f CS 2000, CS 2100, CS 2500, CS 5100 \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b: \n\u0411\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 \u043f\u043e\u0440\u0442\u0430 3389/TCP\n\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b\n\u0417\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0432\u043d\u0435\u0448\u043d\u044e\u044e \u0441\u0440\u0435\u0434\u0443 \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438 Microsoft\n\n\u0414\u043b\u044f SYSTEM ACOM.NET, Mat. Nr. 04815549, System ACOM.net 2.0, Mat. Nr. 05568386 \u0438 System ACOM-Net, Mat. Nr. 5903872 VC20A, VC21B, VC22B, VX22A:\n\u041e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.05.2019",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "31.05.2019",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-01846",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-0708",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Intel Pentium, Intel Celeron, SIMATIC IPC427C, SIMATIC IPC477C, SINUMERIK 840D sl, SINUMERIK TCU 30.3, SINUMERIK PCU 50.5, 8th Generation Intel Core, 8th Generation Intel Core i7, 5th Generation Intel Core, 9th Generation Intel Core, 4th Generation Intel Core, 3th Generation Intel Core, 6th Generation Intel Core, Legacy Intel Celeron, Legacy Intel Core, Legacy Intel Pentium, Intel Xeon E3, Intel Puma, Intel Atom C Series, Intel Pentium Silver Series, Intel Xeon E5 v3, Intel Xeon E7 v3, Intel Xeon E3 v3, Intel Xeon E Series, Intel Pentium Gold Series, Intel Celeron G Series, Intel Pentium J Series, Intel Pentium N Series, Intel Celeron J Series, Intel Celeron N Series, Intel Atom A Series, Intel Atom E3900 Series, Intel Xeon D, Intel Core X-series, Intel Xeon E5 v4, Intel Xeon E7 v4, Intel Xeon E3 v4, Intel Atom X series, Intel Xeon E5 v2, Intel Xeon E7 v2, Intel Xeon E3 v2, Intel Xeon E3 v6, Intel Xeon E5, Intel Xeon Scalable, Intel Xeon E3 v5, Intel Celeron W, Intel Atom Z series, Intel Atom E3800 Series, Intel Mobile Communications Platforms, SIMATIC Field PG M4, SIMATIC Field PG M5, SIMATIC Field PG M6, SIMATIC IPC377E, SIMATIC IPC347E, SIMATIC IPC327E, SIMATIC IPC427D, SIMATIC IPC427E, SIMATIC IPC477D, SIMATIC IPC477E, SIMATIC IPC477E Pro, SIMATIC IPC547E, SIMATIC IPC547G, SIMATIC IPC627C, SIMATIC IPC627D, SIMATIC IPC647C, SIMATIC IPC647D, SIMATIC IPC677C, SIMATIC IPC677D, SIMATIC IPC827C, SIMATIC IPC827D, SIMATIC IPC847C, SIMATIC IPC847D, SIMATIC IPC847E, SIMATIC IPC677E, SIMATIC IPC627E, SIMATIC IPC527G, SIMATIC IPC127E, SIMATIC IPC2X7E, SIMATIC IPC3000 SMART V2, SIMATIC ITP1000, SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP, SIMOTION P320-4E, SIMOTION P320-4S, SINUMERIK Panels with integrated TCU",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Microsoft Corp Windows 7 Service Pack 1 - 64-bit, Microsoft Corp Windows 7 Service Pack 1 - 32-bit, Microsoft Corp Windows Server 2008 R2 Service Pack 1 - , Microsoft Corp Windows Server 2008 Service Pack 2 - , Microsoft Corp Windows Server 2008 Service Pack 2 (Server Core Installation) - ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 Remote Desktop Services (RDS) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 Remote Desktop Services (RDS) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e,\u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e RDP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Blue Keeper\n\u041f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Siemens AG: Atellica COAG 360, Atellica NEPH 630, BCS XP, BN ProSpec, CS 2000, CS 2100, CS 2500, CS 5100, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 Windows 7 \u0438\u043b\u0438 Windows XP",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-0708\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\nhttps://doclib.healthcare.siemens.com/home",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0410\u0421\u0423 \u0422\u041f, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0410\u0421\u0423 \u0422\u041f",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}
GSD-2019-0708
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-0708",
"description": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027.",
"id": "GSD-2019-0708",
"references": [
"https://packetstormsecurity.com/files/cve/CVE-2019-0708"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-0708"
],
"details": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027.",
"id": "GSD-2019-0708",
"modified": "2023-12-13T01:23:39.184460Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cisa.gov": {
"cveID": "CVE-2019-0708",
"dateAdded": "2021-11-03",
"dueDate": "2022-05-03",
"product": "Remote Desktop Services",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.",
"vendorProject": "Microsoft",
"vulnerabilityName": "\"BlueKeep\" Microsoft Windows Remote Desktop Remote Code Execution Vulnerability"
},
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0708",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "7 for x64-based Systems Service Pack 1"
}
]
}
},
{
"product_name": "Windows Server",
"version": {
"version_data": [
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
},
{
"version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
},
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
},
{
"version_value": "2008 for Itanium-Based Systems Service Pack 2"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
},
{
"name": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
},
{
"name": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
},
{
"name": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
},
{
"name": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
},
{
"name": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:x86:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:x86:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:x64:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:r2:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0708"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
},
{
"name": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
},
{
"name": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html",
"refsource": "MISC",
"tags": [],
"url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
},
{
"name": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html",
"refsource": "MISC",
"tags": [],
"url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
},
{
"name": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html",
"refsource": "MISC",
"tags": [],
"url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
},
{
"name": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html",
"refsource": "MISC",
"tags": [],
"url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-06-03T18:15Z",
"publishedDate": "2019-05-16T19:29Z"
}
}
}
GHSA-FQ64-GMQ7-JJVG
Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2025-10-22 00:31
VLAI?
Details
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2019-0708"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-16T19:29:00Z",
"severity": "CRITICAL"
},
"details": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027.",
"id": "GHSA-fq64-gmq7-jjvg",
"modified": "2025-10-22T00:31:40Z",
"published": "2022-05-24T16:45:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0708"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
},
{
"type": "WEB",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
},
{
"type": "WEB",
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CERTFR-2019-ALE-006
Vulnerability from certfr_alerte - Published: 2019-05-22 - Updated: 2019-10-25
[Mise à jour du 22 mai 2019 : Informations complémentaires et situation]
[Mise à jour du 23 mai 2019 : Informations sur la publication d'un correctif pour Windows Vista]
Le 14 mai 2019, lors de sa mise à jour mensuelle, Microsoft a publié un
correctif pour une vulnérabilité identifiée comme CVE-2019-0708 [1].
Cette vulnérabilité impacte les services de bureau à distance (Remote
Desktop Services, RDS), basé sur le protocole de bureau à distance
(Remote Desktop Protocol, RDP) et régulièrement utilisé dans le cadre
de l'administration à distance. Cette vulnérabilité permet l'exécution
de code arbitraire sur un système vulnérable, et ce sans
authentification ni interaction d'un utilisateur.
De par le risque particulièrement important qui découlerait d'une exploitation de cette faille, elle a fait l'objet d'un traitement spécifique de la part de l'éditeur. En effet, en plus des correctifs pour les systèmes actuellement maintenus par Microsoft, des mises à jours exceptionnelles ont également été rendues disponibles pour certains des anciens systèmes n'étant plus pris en charge. Cela comprend les systèmes Windows 2003 ainsi que Windows XP.
Le 23 mai 2019, Microsoft a rendu disponible un correctif pour le système Windows Vista [4].
De plus, une publication de l'éditeur alertant sur le caractère singulier de cette faille et mettant en garde contre un risque d'attaque par un ver informatique exploitant la CVE-2019-0708 a été mise en ligne sur le blog de Microsoft [2].
À la date du 22 mai 2019, aucun code d’exploitation public n’est disponible. Cependant, plusieurs sources fiables sur Internet se font l'écho de l’existence de tels codes, rendant alors crédible le risque de divulgation des détails techniques et l’exploitation automatisée qui pourrait suivre.
Une proposition de règle de détection s'appuyant sur certaines caractéristiques de la vulnérabilité a été rendue publique par NCC Group [3]. Il est ainsi possible dans certains cas de détecter une tentative d'exploitation. Cependant, dans le cas général les communications passent par un canal chiffré ce qui empêche les détections au niveau du réseau.
NLA (Network Level Authentication)
Pour éviter l’exploitation en pré-authentification, il est possible
d'utiliser la fonctionnalité NLA qui force une authentification du
client lors de l’initialisation de la connexion RDP.
La fonctionnalité NLA est implémentée depuis Windows Vista et Windows
Server 2008 mais n’est pas forcément imposée par la configuration du
service RDS. Il n’existe pas de configuration par défaut relative à
l’activation de cette fonctionnalité et l’administrateur définit ces
paramètres lors de l’installation.
Recommandations
Le CERT-FR recommande en premier lieu l'application des correctifs disponibles dans les plus brefs délais.
Les systèmes vulnérables doivent être identifiés et les mesures suivantes doivent être appliquées au plus vite :
| Systèmes d'exploitation | Mesures |
|---|---|
| Windows 7 Windows Server 2008 |
En fonction de la configuration de NLA,
les machines sont vulnérables en pré-authentification ou en post
authentification. Pour que la vulnérabilité ne soit pas exploitable en
pré-authentification, NLA doit être activé (cf. section
Contournement provisoire) Le CERT-FR recommande donc de déployer, par GPO si applicable, l’activation de NLA pour le service RDS. Quelle que soit la configuration, les correctifs doivent être appliqués sur ces systèmes. Il est rappelé que la fin du support de ces systèmes d’exploitation étant proche (14 janvier 2020), il est nécessaire de migrer vers des versions supportées. |
| Windows Vista | Ce système n'est plus supporté par
l’éditeur. L'utilisation de la fonctionnalité NLA permet d'éviter
l'exploitation de la vulnérabilité en pré-authentification et peut être
utilisé comme solution de contournement provisoire. Bien qu'un correctif soit disponible pour cette version de Windows, la mise à niveau vers des systèmes soutenus par l’éditeur doit être réalisée en urgence. |
| Windows XP Windows Server 2003 |
Ces systèmes ne sont plus supportés par
l’éditeur et aucun mécanisme de défense en profondeur n’est disponible
pour réduire la gravité de cette vulnérabilité. Aucune machine avec ces versions de Windows ne doit être connectée à Internet ou à un réseau local ni administrée par ce vecteur. Bien que des correctifs soient disponibles pour ces versions de Windows, le remplacement vers des systèmes soutenus par l’éditeur doit être réalisé en urgence. |
Solution
Le CERT-FR recommande l'application des correctifs disponibles dans les plus brefs délais. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Contournement provisoire
L'activation de NLA ne permet pas de corriger la vulnérabilité mais impose une authentification avant l'exécution de la section vulnérable du code. Elle pourra se faire à l'aide de la GPO suivante (version française puis version anglaise):
[pastacode lang="bash" manual="GPO%20%3E%20Configuration%20ordinateur%20%3E%20Mod%C3%A8les%20d%E2%80%99administration%20%3E%20Composants%20Windows%20%3E%20%0AService%20Bureau%20%C3%A0%20distance%20%3E%20H%C3%B4te%20de%20la%20session%20Bureau%20%C3%A0%20distance%20%3E%20S%C3%A9curit%C3%A9" message="" highlight="" provider="manual"/]
[pastacode lang="bash" manual="GPO%20%3E%20Computer%20Configuration%20%3E%20Administrative%20Templates%20%3E%20Windows%20Components%20%3E%20%0ARemote%20Desktop%20Services%20%3E%20Remote%20Desktop%20Session%20Host%20%3E%20Security" message="" highlight="" provider="manual"/]
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows XP",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 7",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 2003",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Vista",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2019-10-25",
"content": "## Solution\n\nLe CERT-FR recommande l\u0027application des correctifs disponibles dans les\nplus brefs d\u00e9lais. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour\nl\u0027obtention des correctifs (cf. section Documentation).\n\n## Contournement provisoire\n\n\u00a0\n\nL\u0027activation de NLA ne permet pas de corriger la vuln\u00e9rabilit\u00e9 mais\nimpose une authentification avant l\u0027ex\u00e9cution de la section vuln\u00e9rable\ndu code. Elle pourra se faire \u00e0 l\u0027aide de la GPO suivante (version\nfran\u00e7aise puis version anglaise):\n\n\\[pastacode lang=\"bash\"\nmanual=\"GPO%20%3E%20Configuration%20ordinateur%20%3E%20Mod%C3%A8les%20d%E2%80%99administration%20%3E%20Composants%20Windows%20%3E%20%0AService%20Bureau%20%C3%A0%20distance%20%3E%20H%C3%B4te%20de%20la%20session%20Bureau%20%C3%A0%20distance%20%3E%20S%C3%A9curit%C3%A9\"\nmessage=\"\" highlight=\"\" provider=\"manual\"/\\]\n\n\\[pastacode lang=\"bash\"\nmanual=\"GPO%20%3E%20Computer%20Configuration%20%3E%20Administrative%20Templates%20%3E%20Windows%20Components%20%3E%20%0ARemote%20Desktop%20Services%20%3E%20Remote%20Desktop%20Session%20Host%20%3E%20Security\"\nmessage=\"\" highlight=\"\" provider=\"manual\"/\\]\n",
"cves": [
{
"name": "CVE-2019-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
}
],
"initial_release_date": "2019-05-22T00:00:00",
"last_revision_date": "2019-10-25T00:00:00",
"links": [
{
"title": "[3] R\u00e8gle de d\u00e9tection r\u00e9seau Suricata de NCC Group pour la CVE-2019-0708",
"url": "https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt"
},
{
"title": "[4] Instructions pour les clients concernant la CVE-2019-0708 de Microsoft",
"url": "https://support.microsoft.com/fr-fr/help/4500705/customer-guidance-for-cve-2019-0708"
},
{
"title": "Avis CERT-FR CERTFR-2019-AVI-223",
"url": "https://cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-223/"
},
{
"title": "[2] Publication de blogue de Microsoft sur la vuln\u00e9rabilit\u00e9 CVE-2019-0708",
"url": "https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/"
}
],
"reference": "CERTFR-2019-ALE-006",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-05-22T00:00:00.000000"
},
{
"description": "Informations compl\u00e9mentaires sur les syst\u00e8mes impact\u00e9s, les recommandations et les contournements provisoires",
"revision_date": "2019-05-22T00:00:00.000000"
},
{
"description": "Mise en forme",
"revision_date": "2019-05-23T00:00:00.000000"
},
{
"description": "Ajout des informations sur le correctif pour Windows Vista",
"revision_date": "2019-05-23T00:00:00.000000"
},
{
"description": "Correction syntaxique",
"revision_date": "2019-05-24T00:00:00.000000"
},
{
"description": "Cl\u00f4ture de l\u0027alerte",
"revision_date": "2019-10-25T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "\u003cstrong\u003e\\[Mise \u00e0 jour du 22 mai 2019 : Informations compl\u00e9mentaires et\nsituation\\]\u003c/strong\u003e\n\n\u003cstrong\u003e\\[Mise \u00e0 jour du 23 mai 2019 : Informations sur la publication d\u0027un\ncorrectif pour Windows Vista\\]\u003c/strong\u003e\n\nLe 14 mai 2019, lors de sa mise \u00e0 jour mensuelle, Microsoft a publi\u00e9 un\ncorrectif pour une vuln\u00e9rabilit\u00e9 identifi\u00e9e comme CVE-2019-0708 \\[1\\]. \nCette vuln\u00e9rabilit\u00e9 impacte les services de bureau \u00e0 distance (*Remote\nDesktop Services*, RDS), bas\u00e9 sur le protocole de bureau \u00e0 distance\n(*Remote Desktop Protocol*, RDP) et r\u00e9guli\u00e8rement utilis\u00e9 dans le cadre\nde l\u0027administration \u00e0 distance. Cette vuln\u00e9rabilit\u00e9 permet l\u0027ex\u00e9cution\nde code arbitraire sur un syst\u00e8me vuln\u00e9rable, et ce sans\nauthentification ni interaction d\u0027un utilisateur.\n\nDe par le risque particuli\u00e8rement important qui d\u00e9coulerait d\u0027une\nexploitation de cette faille, elle a fait l\u0027objet d\u0027un traitement\nsp\u00e9cifique de la part de l\u0027\u00e9diteur. En effet, en plus des correctifs\npour les syst\u00e8mes actuellement maintenus par Microsoft, des mises \u00e0\njours exceptionnelles ont \u00e9galement \u00e9t\u00e9 rendues disponibles pour\ncertains des anciens syst\u00e8mes n\u0027\u00e9tant plus pris en charge. Cela comprend\nles syst\u00e8mes Windows 2003 ainsi que Windows XP.\n\nLe 23 mai 2019, Microsoft a rendu disponible un correctif pour le\nsyst\u00e8me Windows Vista \\[4\\].\n\nDe plus, une publication de l\u0027\u00e9diteur alertant sur le caract\u00e8re\nsingulier de cette faille et mettant en garde contre un risque d\u0027attaque\npar un ver informatique exploitant la CVE-2019-0708 a \u00e9t\u00e9 mise en ligne\nsur le blog de Microsoft \\[2\\].\n\n\u00c0 la date du 22 mai 2019, aucun code d\u2019exploitation public n\u2019est\ndisponible. Cependant, plusieurs sources fiables sur Internet se font\nl\u0027\u00e9cho de l\u2019existence de tels codes, rendant alors cr\u00e9dible le risque de\ndivulgation des d\u00e9tails techniques et l\u2019exploitation automatis\u00e9e qui\npourrait suivre.\n\nUne proposition de r\u00e8gle de d\u00e9tection s\u0027appuyant sur certaines\ncaract\u00e9ristiques de la vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 rendue publique par NCC Group\n\\[3\\]. Il est ainsi possible dans certains cas de d\u00e9tecter une tentative\nd\u0027exploitation. Cependant, dans le cas g\u00e9n\u00e9ral les communications\npassent par un canal chiffr\u00e9 ce qui emp\u00eache les d\u00e9tections au niveau du\nr\u00e9seau.\n\n### NLA (*Network Level Authentication*)\n\nPour \u00e9viter l\u2019exploitation en pr\u00e9-authentification, il est possible\nd\u0027utiliser la fonctionnalit\u00e9 NLA qui force une authentification du\nclient lors de l\u2019initialisation de la connexion RDP. \nLa fonctionnalit\u00e9 NLA est impl\u00e9ment\u00e9e depuis Windows Vista et Windows\nServer 2008 mais n\u2019est pas forc\u00e9ment impos\u00e9e par la configuration du\nservice RDS. Il n\u2019existe pas de configuration par d\u00e9faut relative \u00e0\nl\u2019activation de cette fonctionnalit\u00e9 et l\u2019administrateur d\u00e9finit ces\nparam\u00e8tres lors de l\u2019installation.\n\n### Recommandations\n\nLe CERT-FR recommande en premier lieu l\u0027application des correctifs\ndisponibles dans les plus brefs d\u00e9lais.\n\nLes syst\u00e8mes vuln\u00e9rables doivent \u00eatre identifi\u00e9s et les mesures\nsuivantes doivent \u00eatre appliqu\u00e9es au plus vite :\n\n\u003ctable\u003e\n\u003ccolgroup\u003e\n\u003ccol style=\"width: 50%\" /\u003e\n\u003ccol style=\"width: 50%\" /\u003e\n\u003c/colgroup\u003e\n\u003ctbody\u003e\n\u003ctr class=\"header\"\u003e\n\u003cth\u003eSyst\u00e8mes d\u0027exploitation\u003c/th\u003e\n\u003cth style=\"text-align: center;\"\u003eMesures\u003c/th\u003e\n\u003c/tr\u003e\n\n\u003ctr class=\"odd\"\u003e\n\u003ctd\u003eWindows 7\u003cbr /\u003e\nWindows Server 2008\u003c/td\u003e\n\u003ctd style=\"text-align: center;\"\u003eEn fonction de la configuration de NLA,\nles machines sont vuln\u00e9rables en pr\u00e9-authentification ou en post\nauthentification. Pour que la vuln\u00e9rabilit\u00e9 ne soit pas exploitable en\npr\u00e9-authentification, NLA doit \u00eatre activ\u00e9 (cf. section\n\u003cstrong\u003eContournement provisoire\u003c/strong\u003e)\u003cbr /\u003e\nLe CERT-FR recommande donc de d\u00e9ployer, par GPO si applicable,\nl\u2019activation de NLA pour le service RDS.\u003cbr /\u003e\nQuelle que soit la configuration, les correctifs doivent \u00eatre appliqu\u00e9s\nsur ces syst\u00e8mes.\u003cbr /\u003e\nIl est rappel\u00e9 que la fin du support de ces syst\u00e8mes d\u2019exploitation\n\u00e9tant proche (14 janvier 2020), il est n\u00e9cessaire de migrer vers des\nversions support\u00e9es.\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr class=\"even\"\u003e\n\u003ctd\u003eWindows Vista\u003c/td\u003e\n\u003ctd style=\"text-align: center;\"\u003eCe syst\u00e8me n\u0027est plus support\u00e9 par\nl\u2019\u00e9diteur. L\u0027utilisation de la fonctionnalit\u00e9 NLA permet d\u0027\u00e9viter\nl\u0027exploitation de la vuln\u00e9rabilit\u00e9 en pr\u00e9-authentification et peut \u00eatre\nutilis\u00e9 comme solution de contournement provisoire.\u003cbr /\u003e\nBien qu\u0027un correctif soit disponible pour cette version de Windows, la\nmise \u00e0 niveau vers des syst\u00e8mes soutenus par l\u2019\u00e9diteur doit \u00eatre\nr\u00e9alis\u00e9e en urgence.\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr class=\"odd\"\u003e\n\u003ctd\u003eWindows XP\u003cbr /\u003e\nWindows Server\u003cbr /\u003e\n2003\u003c/td\u003e\n\u003ctd style=\"text-align: center;\"\u003eCes syst\u00e8mes ne sont plus support\u00e9s par\nl\u2019\u00e9diteur et aucun m\u00e9canisme de d\u00e9fense en profondeur n\u2019est disponible\npour r\u00e9duire la gravit\u00e9 de cette vuln\u00e9rabilit\u00e9.\u003cbr /\u003e\nAucune machine avec ces versions de Windows ne doit \u00eatre connect\u00e9e \u00e0\nInternet ou \u00e0 un r\u00e9seau local ni administr\u00e9e par ce vecteur.\u003cbr /\u003e\nBien que des correctifs soient disponibles pour ces versions de Windows,\nle remplacement vers des syst\u00e8mes soutenus par l\u2019\u00e9diteur doit \u00eatre\nr\u00e9alis\u00e9 en urgence.\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Remote Desktop Services",
"vendor_advisories": [
{
"published_at": null,
"title": "[1] Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-0708 du 14 mai 2019",
"url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance/advisory/CVE-2019-0708"
}
]
}
CERTFR-2019-ALE-012
Vulnerability from certfr_alerte - Published: 2019-08-14 - Updated: 2019-10-25
Le 13 août 2019, lors de la publication mensuelle de ses correctifs, Microsoft a corrigé plusieurs vulnérabilités affectant les services de bureau à distance (Remote Desktop Services, RDS). Parmi les failles corrigées, quatre d'entre elles, critiques, permettent une exécution de code arbitraire à distance. Selon l'éditeur, elles touchent les systèmes Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 ainsi que toutes les versions supportées de Windows 10, cela incluant les versions serveur.
Ces vulnérabilités identifiées comme CVE-2019-1181, CVE-2019-1182, CVE-2019-1222 et CVE-2019-1226 peuvent être exploitées sans authentification et sont considérées comme étant d'une criticité similaire à la faille CVE-2019-0708 [1] corrigée au mois de mai par l'éditeur.
En accompagnement du bulletin mensuel sur les correctifs de sécurité, Microsoft a également publié un article de blogue [2] revenant sur deux de ces failles, les CVE-2019-1181 et CVE-2019-1182. Celui-ci incite les utilisateurs à mettre à jour leurs systèmes dans les plus brefs délais et met en garde contre le risque d'utilisation de ce type de vulnérabilité dans des attaques à propagation de type "ver informatique".
[Mise à jour 14 août 2019]
Microsoft a bloqué la mise à jour d'août 2019 pour les utilisateurs de produits Symantec et Norton [3][4]. En effet, l'algorithme SHA-2 pour la signature du certificat n'est pas supporté par ces produits, ceux-ci ne peuvent donc pas vérifier la mise à jour.
Microsoft déconseille de forcer l'installation. Aucune solution n'est disponible pour l'instant.
Solution
Le CERT-FR recommande l'application des correctifs disponibles dans les plus brefs délais. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Contournement provisoire
Un contournement partiel existe lorsque le protocole Network Level Authentication (NLA) est activé. Cette fonctionnalité de sécurité force l'authentification du client lors de l’initialisation d'une connexion avec le service RDS. Cela a pour conséquence d'empêcher l'exploitation de ces failles en pré-authentification. Malgré son utilisation, les machines demeurent vulnérables à une exécution de code arbitraire à distance.
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Windows Server 2012 | ||
| Microsoft | Windows | Windows Server 2019 | ||
| Microsoft | Windows | Windows Server 2012 R2 | ||
| Microsoft | Windows | Windows Server 2008 R2 | ||
| Microsoft | Windows | Windows 10 | ||
| Microsoft | Windows | Windows RT 8.1 | ||
| Microsoft | Windows | Windows Server 2016 | ||
| Microsoft | Windows | Windows 7 SP1 | ||
| Microsoft | Windows | Windows Server 2008 R2 SP1 | ||
| Microsoft | Windows | Windows 8.1 |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2012",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows RT 8.1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 7 SP1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2008 R2 SP1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 8.1",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2019-10-25",
"content": "## Solution\n\nLe CERT-FR recommande l\u0027application des correctifs disponibles dans les\nplus brefs d\u00e9lais. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour\nl\u0027obtention des correctifs (cf. section Documentation).\n\n## Contournement provisoire\n\nUn contournement partiel existe lorsque le protocole *Network Level\nAuthentication* (NLA) est activ\u00e9. Cette fonctionnalit\u00e9 de s\u00e9curit\u00e9 force\nl\u0027authentification du client lors de l\u2019initialisation d\u0027une connexion\navec le service RDS. Cela a pour cons\u00e9quence d\u0027emp\u00eacher l\u0027exploitation\nde ces failles en pr\u00e9-authentification. Malgr\u00e9 son utilisation, les\nmachines demeurent vuln\u00e9rables \u00e0 une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"cves": [
{
"name": "CVE-2019-1222",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1222"
},
{
"name": "CVE-2019-1182",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1182"
},
{
"name": "CVE-2019-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
},
{
"name": "CVE-2019-1181",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1181"
},
{
"name": "CVE-2019-1226",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1226"
}
],
"initial_release_date": "2019-08-14T00:00:00",
"last_revision_date": "2019-10-25T00:00:00",
"links": [
{
"title": "Communiqu\u00e9 Symantec",
"url": "https://support.symantec.com/us/en/article.tech255857.html"
},
{
"title": "Publication de blogue de Microsoft sur les vuln\u00e9rabilit\u00e9s CVE-2019-1181 et CVE-2019-1182",
"url": "https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/"
},
{
"title": "Avis CERT-FR CERTFR-2019-AVI-397",
"url": "https://cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-397/"
},
{
"title": "Alerte de s\u00e9curit\u00e9 du CERT-FR\u00a0CERTFR-2019-ALE-006 du 15 mai 2019",
"url": "https://www.cert.ssi.gouv.fr/alerte/CERTFR-2019-ALE-006/"
},
{
"title": "Publication de blogue de Microsoft l\u0027incompatibilit\u00e9 de la mise \u00e0 jour d\u0027ao\u00fbt 2019 avec les produits Symantec",
"url": "https://support.microsoft.com/fr-fr/help/4512486/windows-7-update-kb4512486"
}
],
"reference": "CERTFR-2019-ALE-012",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-08-14T00:00:00.000000"
},
{
"description": "Probl\u00e8me d\u0027incompatibilit\u00e9 avec les produits Symantec",
"revision_date": "2019-08-14T00:00:00.000000"
},
{
"description": "Cl\u00f4ture de l\u0027alerte",
"revision_date": "2019-10-25T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Le 13 ao\u00fbt 2019, lors de la publication mensuelle de ses correctifs,\nMicrosoft a corrig\u00e9 plusieurs vuln\u00e9rabilit\u00e9s affectant les services de\nbureau \u00e0 distance (*Remote Desktop Services*, RDS). Parmi les failles\ncorrig\u00e9es, quatre d\u0027entre elles, critiques, permettent une ex\u00e9cution de\ncode arbitraire \u00e0 distance. Selon l\u0027\u00e9diteur, elles touchent les syst\u00e8mes\nWindows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows\n8.1, Windows Server 2012 R2 ainsi que toutes les versions support\u00e9es de\nWindows 10, cela incluant les versions serveur.\n\nCes vuln\u00e9rabilit\u00e9s identifi\u00e9es comme CVE-2019-1181, CVE-2019-1182,\nCVE-2019-1222 et CVE-2019-1226 peuvent \u00eatre exploit\u00e9es sans\nauthentification et sont consid\u00e9r\u00e9es comme \u00e9tant d\u0027une criticit\u00e9\nsimilaire \u00e0 la faille CVE-2019-0708 \\[1\\] corrig\u00e9e au mois de mai par\nl\u0027\u00e9diteur.\n\nEn accompagnement du bulletin mensuel sur les correctifs de s\u00e9curit\u00e9,\nMicrosoft a \u00e9galement publi\u00e9 un article de blogue \\[2\\] revenant sur\ndeux de ces failles, les CVE-2019-1181 et CVE-2019-1182. Celui-ci incite\nles utilisateurs \u00e0 mettre \u00e0 jour leurs syst\u00e8mes dans les plus brefs\nd\u00e9lais et met en garde contre le risque d\u0027utilisation de ce type de\nvuln\u00e9rabilit\u00e9 dans des attaques \u00e0 propagation de type \"ver\ninformatique\".\n\n\u00a0\n\n\u003cstrong\u003e\\[Mise \u00e0 jour 14 ao\u00fbt 2019\\]\u003c/strong\u003e\n\nMicrosoft a bloqu\u00e9 la mise \u00e0 jour d\u0027ao\u00fbt 2019 pour les utilisateurs de\nproduits Symantec et Norton \\[3\\]\\[4\\]. En effet, l\u0027algorithme SHA-2\npour la signature du certificat n\u0027est pas support\u00e9 par ces produits,\nceux-ci ne peuvent donc pas v\u00e9rifier la mise \u00e0 jour.\n\nMicrosoft d\u00e9conseille de forcer l\u0027installation. Aucune solution n\u0027est\ndisponible pour l\u0027instant.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Remote Desktop Services",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-1226 du 13 ao\u00fbt 2019",
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1226"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-1222 du 13 ao\u00fbt 2019",
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1222"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-1181 du 13 ao\u00fbt 2019",
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1181"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-1182 du 13 ao\u00fbt 2019",
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1182"
}
]
}
CNVD-2019-14264
Vulnerability from cnvd - Published: 2019-05-08
VLAI Severity ?
Title
Microsoft Windows远程桌面服务远程代码执行漏洞
Description
Microsoft Windows 7是微软发布的一款操作系统。Windows Server 2008是一款微软发行的服务器操作系统。Microsoft Windows XP是一款流行的视窗操作系统。Microsoft Windows Server 2003 R2是美国微软(Microsoft)公司发布的一套服务器操作系统。
Microsoft Windows远程桌面服务存在远程代码执行漏洞。当未经身份验证的攻击者使用RDP连接到目标系统并发送精心设计的请求时,攻击者可利用漏洞在目标系统上执行任意代码。
Severity
高
Patch Name
Microsoft Windows远程桌面服务远程代码执行漏洞的补丁
Patch Description
Microsoft Windows 7是微软发布的一款操作系统。Windows Server 2008是一款微软发行的服务器操作系统。Microsoft Windows XP是一款流行的视窗操作系统。Microsoft Windows Server 2003 R2是美国微软(Microsoft)公司发布的一套服务器操作系统。
Microsoft Windows远程桌面服务存在远程代码执行漏洞。当未经身份验证的攻击者使用RDP连接到目标系统并发送精心设计的请求时,攻击者可利用漏洞在目标系统上执行任意代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下供应商提供的安全公告获得补丁信息: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708?from=timeline
Reference
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708?from=timeline
Impacted products
| Name | ['Microsoft Windows Server 2008 SP2', 'Microsoft Windows 7 SP1', 'Microsoft Windows Server 2003 SP2', 'Microsoft Windows XP', 'Microsoft Windows Server 2008 R2 SP1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-0708"
}
},
"description": "Microsoft Windows 7\u662f\u5fae\u8f6f\u53d1\u5e03\u7684\u4e00\u6b3e\u64cd\u4f5c\u7cfb\u7edf\u3002Windows Server 2008\u662f\u4e00\u6b3e\u5fae\u8f6f\u53d1\u884c\u7684\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows XP\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u89c6\u7a97\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows Server 2003 R2\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u53d1\u5e03\u7684\u4e00\u5957\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nMicrosoft Windows\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u5f53\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u4f7f\u7528RDP\u8fde\u63a5\u5230\u76ee\u6807\u7cfb\u7edf\u5e76\u53d1\u9001\u7cbe\u5fc3\u8bbe\u8ba1\u7684\u8bf7\u6c42\u65f6\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5728\u76ee\u6807\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"discovererName": "The UK\u0027s National Cyber Security Centre (NCSC)",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708?from=timeline",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-14264",
"openTime": "2019-05-08",
"patchDescription": "Microsoft Windows 7\u662f\u5fae\u8f6f\u53d1\u5e03\u7684\u4e00\u6b3e\u64cd\u4f5c\u7cfb\u7edf\u3002Windows Server 2008\u662f\u4e00\u6b3e\u5fae\u8f6f\u53d1\u884c\u7684\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows XP\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u89c6\u7a97\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft Windows Server 2003 R2\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u53d1\u5e03\u7684\u4e00\u5957\u670d\u52a1\u5668\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nMicrosoft Windows\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u5f53\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u4f7f\u7528RDP\u8fde\u63a5\u5230\u76ee\u6807\u7cfb\u7edf\u5e76\u53d1\u9001\u7cbe\u5fc3\u8bbe\u8ba1\u7684\u8bf7\u6c42\u65f6\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5728\u76ee\u6807\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Microsoft Windows\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Microsoft Windows Server 2008 SP2",
"Microsoft Windows 7 SP1",
"Microsoft Windows Server 2003 SP2",
"Microsoft Windows XP",
"Microsoft Windows Server 2008 R2 SP1"
]
},
"referenceLink": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708?from=timeline",
"serverity": "\u9ad8",
"submitTime": "2019-05-15",
"title": "Microsoft Windows\u8fdc\u7a0b\u684c\u9762\u670d\u52a1\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}
FKIE_CVE-2019-0708
Vulnerability from fkie_nvd - Published: 2019-05-16 19:29 - Updated: 2025-10-29 14:45
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
References
Impacted products
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Microsoft Remote Desktop Services Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:axiom_multix_m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB36445-3462-4398-84F9-1387A7436FC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:axiom_multix_m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66829DE2-25D6-4FF5-B1AA-6637AE053ACE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:axiom_vertix_md_trauma_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "733840A0-5D17-4D92-BB45-357E39CC9190",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:axiom_vertix_md_trauma:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAFB504-D8F4-4589-9D25-616CB38BF257",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:axiom_vertix_solitaire_m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9B1B857-3051-4312-A997-99570D567D74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:axiom_vertix_solitaire_m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86974C5C-C4A4-4109-B5DC-85D4F01E94D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:mobilett_xp_digital_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7392294B-487E-4B31-B6A5-560C4F547338",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:mobilett_xp_digital:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC524FD4-B53D-4E22-A9A9-33EB73811CF3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_pro_acss_p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB111CF-1760-45FE-A005-68965EEB9034",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_pro_acss_p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46335917-7477-47B9-9D03-079D0AFD6121",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_pro_p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72E96638-0DE1-4370-B0FC-8E418BD74C71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_pro_p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9E130C-EB9B-46F2-A67A-1CB22F67E3CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE644ED-DFE9-4F11-9C8B-E5EA6CF6BA1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C221669-D976-4C2B-8634-2FB0583F27A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_pro_acss_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AA78BA8-8443-441D-B629-5F5652296566",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_pro_acss:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F39B002A-3FCC-4F73-8BEA-575BD000C49F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_pro_navy_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B6D8DF-5F9B-469E-B8F1-D59021B5D1A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_pro_navy:-:*:*:*:*:*:*:*",
"matchCriteriaId": "284692FE-2298-43F8-B59E-F86BA2453146",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_swing_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD4D073-FA45-4D28-BF69-0A706C61BA32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_swing:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69644600-D356-45A7-9E8B-91458255C252",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_top_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFC6443-6826-4C1F-95D7-621EA0C5B547",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_top:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29DFEA58-1949-41EF-AF8A-A01E2BD64ABE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_top_acss_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98E0BDAE-DA78-439B-8368-E861BAB682EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_top_acss:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68111C12-7DD9-4DB3-AC80-B95A5A063A09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_top_p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B92FD292-31EB-448B-BD86-8D14A758A254",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_top_p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "161AD776-6029-43EA-BDDA-FC8357699C33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:multix_top_acss_p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3A3B2B-D371-49D4-B7C1-A00595282EC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:multix_top_acss_p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "610660AA-0AA6-434E-B824-80AE565570B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:vertix_solitaire_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1282797-1448-4B11-825F-49863AD4BDC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:vertix_solitaire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4A8BC9-0249-45EB-91D7-1B57491F4951",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:atellica_solution_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E9780A-0015-4245-9CAE-D7573D8C4268",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:atellica_solution:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B264A65-9109-4629-8F20-1DD6728FAD7F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:aptio_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502E501A-78A0-4074-BC7D-7BAFE4386337",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:aptio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D8C9706-43E8-48E5-913C-FE0FDEEB489F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:streamlab_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "195AD327-F323-4902-9CDB-4C7C1B3D1F3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:streamlab:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD03E0CF-4707-4C95-8703-264429D52996",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:centralink_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D56D3C8-5731-4EE2-B79B-BB74163E3D62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:centralink:-:*:*:*:*:*:*:*",
"matchCriteriaId": "500986D3-3A08-46C4-9482-88CFA6ED61B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:viva_e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2405D2-7048-4541-9526-AA2B88D2A38B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:viva_e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745742F2-A291-470B-8EB1-482A23873737",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:viva_twin_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D64A2198-C839-43A8-BFEB-D575B372DD7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:viva_twin:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA780EE3-B6AB-4393-9997-D09CBB433C51",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:syngo_lab_process_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B232D046-AD22-445F-8EE0-EED30BCA9DAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:rapidpoint_500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF1E341-5481-494A-BAFF-E080E39C9DA7",
"versionEndIncluding": "2.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:rapidpoint_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A4806F5-0292-45BA-96B9-422958D0CB0F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:lantis_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B8CA8D2-1BA4-4B58-969D-DBA7F72DA755",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:lantis:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06FF378C-EAAD-4808-9246-010AC0A17E90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:agile_controller-campus_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B574A3-5FCD-4F3E-932D-10334180F4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:agile_controller-campus_firmware:v100r002c10:*:*:*:*:*:*:*",
"matchCriteriaId": "81635D07-BFBF-4485-B4CF-9C05620DB447",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:agile_controller-campus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "592559FB-7551-4327-9ECE-9325F4173C85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bh620_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAA4664-EB38-4693-88AD-F226D7A07C93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bh620_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D21222-A1F6-4312-B833-6576F75820C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bh621_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FC40CC46-D679-42F8-B2C2-FF3EDA28BCF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bh621_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D61715-5074-41EC-A50F-5C347D85266F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bh622_v2_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "617A06EA-67C0-4714-B8D8-2602E0E34029",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bh622_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E191F04-E8BE-4D73-89D0-42C2DB288C4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:bh640_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "93792886-51EE-4172-ACED-F195F0556A98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:bh640_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFBB2CA0-7556-42E8-B7C7-57F1C6477CFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ch121_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "668E5527-0E2F-40CD-8857-B720A6C9B802",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ch121:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA223DE5-F37C-4451-96A9-9DFA479591AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ch140_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7D565C-DC70-4978-BF91-79DD99FA347C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ch140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB768F1-FA54-4043-B538-31783D941CC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ch220_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D7D307-43F7-43AD-AA2E-F0DB66F7F9D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ch220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED03ED73-8B5C-4369-8F3A-68497718B488",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ch221_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "685452C8-9B87-4FBC-9E27-0DF5F2B44807",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ch221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "211005F7-2DAA-40EC-9B92-D2E866052E84",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ch222_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E41FE7C8-77B4-4EC7-83C3-F587BDC8A18D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ch222:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21FB1E88-3CB4-48FE-9F52-AA12D40DB944",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ch240_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC1DD2F-DE32-4EA6-9539-792FCBDEF20D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ch240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74027C23-3637-4ABE-A697-B20FD7B94162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ch242_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6185FD57-FE4F-43E2-A3EA-3AA5A299A05D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ch242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8DA951-047B-4A88-A851-9663F2EC2CEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ch242_v3_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "563AC0A9-568C-4010-9142-28C88349B587",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ch242_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2637E43-1937-4320-AAF4-3770C332B66E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:e6000_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "774E8CD3-3E77-41EB-ABC9-CE885CC90FA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:e6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F66D29E-0B7F-45D3-BECC-21952F4A4850",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:e6000_chassis_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3057065D-9D25-4BE2-8392-48405063E821",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:e6000_chassis:-:*:*:*:*:*:*:*",
"matchCriteriaId": "748D3A0F-12FA-4755-969B-45D7B3D55147",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:gtsoftx3000_firmware:v200r001c01spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "14C6D34F-BFE4-420C-B496-E4D82783ED7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:gtsoftx3000_firmware:v200r002c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "8F646FC2-3A77-4971-BACC-D0CA7B9379DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:gtsoftx3000_firmware:v200r002c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "C98EEDBC-42C6-4896-83A5-8EE175F4710C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:gtsoftx3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43C5827F-092C-4A94-A907-F653A55C280D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:oceanstor_18500_firmware:v100r001c30spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "22D7738B-B2B1-423C-A7C6-A73280F085C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:oceanstor_18500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE27E-EB13-43E2-A7F4-7973977AD936",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:oceanstor_18800_firmware:v100r001c30spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "5B908D26-6C4F-4955-A284-39C4C338AEBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:oceanstor_18800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B196FDFF-8A1D-4E7D-895A-1D09ADACC396",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:oceanstor_18800f_firmware:v100r001c30spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "C46963C2-0175-4933-A2A1-4CFBA3FF4586",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:oceanstor_18800f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E675B6C-C847-486F-8946-F98E271E1DC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6188E188-7CA7-4415-835D-738A684B7639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:v100r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "981C1A1D-352D-478A-BF04-F1D9A71C86D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:oceanstor_hvs85t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675CCB4F-BB76-45DC-9E6E-3BD279995084",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:oceanstor_hvs88t_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A7C688-25E6-457B-AFBF-657EDE621FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:oceanstor_hvs88t_firmware:v100r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "31EBFCDE-7FB8-4CA7-9A2E-F94DD572B48B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:oceanstor_hvs88t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3C47BF-7FAA-4A6C-BBDC-CC8D28CCA611",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh1288_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AA159F6-CE6C-4EC9-9166-718780F752CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh1288_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F24DF092-9867-4381-BDFB-5AB7116DEFD4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh1288a_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3450A4-4C1A-4125-8B18-3961D69D6F0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh1288a_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E91ACB-82D0-4A4E-9157-5142A26E577A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh2265_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "485D4E2A-7697-40CD-92E4-0B93CB898DD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh2265_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3860458-155E-47F6-A37E-730DE7A363DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh2268_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1E293DFF-1C3F-4180-895D-E7BC4A14FB93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh2268_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C2FB1E-2569-4AB9-95A2-DCD4AC8C7D1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh2285_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "97C57B46-9085-458A-8A5B-A6F74E00F4D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh2285_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38DF8C15-4086-4F70-BCD2-BDB91900C80A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh2285h_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "449982CF-3F17-473D-9B58-3E1076B1CF1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh2285h_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "275A2FCA-8E0A-4EFA-907B-4F6E3E954372",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh2288_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "377CAD92-7563-43D9-92A3-C05B149F65E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh2288_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E1F1478-2D24-42D5-8401-3D6BAB20A7F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh2288a_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A522BFBE-69E6-4DF8-83D3-27564AF88C6B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh2288a_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CB6AA6-2424-41B2-92A7-81E788DB8396",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh2288e_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AE64C9F3-EEEF-44CB-8C3B-0969D2A76C81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh2288e_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A446D94-F39F-461D-B935-02C87058D0AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh2288h_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "56D5E59C-5824-463B-8121-57E3689DD1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh2288h_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "908E0834-8E5D-43EF-A604-AAFCA6E69767",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh2485_v2_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFBF820-E15D-4E7F-AD44-D4AE5EF208FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh2485_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2E8A9D-7BC5-40D2-B85B-61D753A4D88B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh5885_v2_firmware:v100r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "525FAA8B-734F-4B0D-8E32-9066CF9D939F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh5885_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43C7EEF7-1AF2-41D8-98A6-0237524B76C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rh5885_v3_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "779C3401-3A97-4DFE-AD0B-E8B2A48AA04A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rh5885_v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3BAFB9-A7C7-4199-89B2-587D650762C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:smc2.0_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E7481E-B5B8-481C-AC35-A8029AA2DF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60E7CCC4-60A8-48FA-A9EA-7A327B3A29B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:smc2.0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDBEFFB4-9742-48CC-BBA6-E5DCA281B343",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:seco_vsm_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2A756B3A-BD91-4857-869B-AF435E66BAD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:seco_vsm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7EBA07-D6A7-4C45-8C57-84E2549A4CFE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:uma_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "207D80F3-6DB4-4BDE-AE72-38BAF4EE2B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:uma_firmware:v300r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "429F7534-D2A9-4275-9333-0786F315037E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:uma:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1940680-0927-4E56-83E3-3525797978B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:x6000_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FF613F6D-DBC7-4A35-9A8D-B948FB3C84F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:x6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24BB4E74-B9A6-4C2C-AB61-A4028CDFF614",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:x8000_firmware:v100r002c20:*:*:*:*:*:*:*",
"matchCriteriaId": "48CBF1C9-1DA3-4B3C-AB00-42F41248B074",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:x8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02CCB6E7-0BF2-4762-BDD6-0F68B087CBF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:elog_firmware:v200r003c10:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A696C2-836C-441C-875D-9D68F2DE25B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:elog:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C34C1766-B15E-4C73-AE28-F22D9296DF20",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:espace_ecs_firmware:v300r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "95140BB8-911D-4F19-8C6E-DCD6FA2298AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:espace_ecs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A924CA6B-C4BB-4340-BF27-B0EE4B72F9A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Remote Desktop Services, anteriormente conocido como Terminal Services, cuando un atacante no autenticado se conecta al sistema de destino mediante RDP y env\u00eda peticiones especialmente dise\u00f1adas, conocida como \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
}
],
"id": "CVE-2019-0708",
"lastModified": "2025-10-29T14:45:37.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2019-05-16T19:29:00.427",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
},
{
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
},
{
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
},
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
},
{
"source": "secure@microsoft.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
},
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
},
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
},
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
},
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
},
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
},
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…