November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – CVE 2019-1125 – SWAPGS Spectre Side-Channel Vulnerability
August 8, 2019Rewterz Threat Advisory – Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities
August 8, 2019Rewterz Threat Advisory – CVE 2019-1125 – SWAPGS Spectre Side-Channel Vulnerability
August 8, 2019Rewterz Threat Advisory – Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities
August 8, 2019
Severity
Medium
Analysis Summary
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker must already have compromised a system running Remote Desktop Services, and then wait for a victim system to connect to Remote Desktop Services.
Impact
Privilege escalation
Affected Vendors
Microsoft
Remediation
Please see vendor’s advisory for more details of updates/patches.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0887