November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – First Microfinance Bank Targeted by Indian Hackers
August 14, 2019Rewterz Threat Advisory – ICS: Johnson Controls Metasys Multiple Vulnerabilities
August 16, 2019Rewterz Threat Alert – First Microfinance Bank Targeted by Indian Hackers
August 14, 2019Rewterz Threat Advisory – ICS: Johnson Controls Metasys Multiple Vulnerabilities
August 16, 2019
Severity
High
Analysis Summary
CVE-2019-1181, CVE-2019-1182, CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Impact
- Remote code execution
- Privilege access
Affected Vendors
Microsoft
Affected Products
- Windows 7 SP1
- Windows Server 2008 R2 SP1
- Windows Server 2012
- Windows 8.1
- Windows Server 2012 R2
- Microsoft Windows 10
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
Remediation
Please see Microsoft’s release updates for the list of patches and updates.