Published: 14/08/2019 Updated: 24/08/2020
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1181, CVE-2019-1182, CVE-2019-1226.

Vulnerability Trend

Vendor Advisories

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 # SSA-187667: DejaBlue Vulnerabilities - Siemens Healthineers Products Publication Date: 2019-09-10 Last Update: 2019-09-10 Current Version: 10 CVSS v30 Base Score: 98 SUMMARY ======= Microsoft has released updates for several versions of Microsoft Windows, which f ...
Microsoft released four security advisories to disclose four remote code execution vulnerabilities in Remote Desktop Services An unauthenticated attacker connects to the target system using RDP and sends specially crafted requests to exploit the vulnerabilities Successful exploit may cause arbitrary code execution on the target system (Vulnerabi ...

Github Repositories

PoC auto collect from GitHub.

PoC in GitHub 2020 CVE-2020-0022 In reassemble_and_dispatch of packet_fragmentercc, there is possible out of bounds write due to an incorrect bounds calculation This could lead to remote code execution over Bluetooth with no additional execution privileges needed User interaction is not needed for exploitationProduct: AndroidVersions: Android-80 Android-81 Android-9 Andr

Recent Articles

Microsoft Patch Tuesday – August 2019
Symantec Threat Intelligence Blog • Ratheesh PM • 14 Aug 2020

This month the vendor has patched 93 vulnerabilities, 27 of which are rated Critical.

Posted: 14 Aug, 201926 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – August 2019This month the vendor has patched 93 vulnerabilities, 27 of which are rated Critical.This month Microsoft has patched 93 vulnerabilities, 27 of which are rated Critical.

As always, customers are advised to follow these security best practices:

Install vendor patches as soon ...

IT threat evolution Q3 2019. Statistics
Securelist • Victor Chebyshev Fedor Sinitsyn Denis Parinov Boris Larin Oleg Kupreev Evgeny Lopatin • 29 Nov 2019

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data.
According to Kaspersky Security Network:
In Q3 2019, we discovered an extremely unpleasant incident with the popular CamScanner app on Google Play. The new version of the app contained an ad library inside with the Trojan dropper Necro built in. Judging by the reviews on Google Play, the dropper’s task was to activate paid subscriptions, although it ...

This summer's hottest sequels: BlueKeep II, III, IV and V – the latest wormable RDP holes in Microsoft Windows
The Register • Shaun Nichols in San Francisco • 13 Aug 2019

Plus special guest stars Adobe and SAP in this month's security fixes

Patch Tuesday Microsoft, Adobe, and SAP may have just ruined more than a few summer vacation plans, thanks to a massive and critical Patch Tuesday bundle of security fixes this month.
Among the 93 CVE-listed flaws patched this month are four particularly serious remote-code execution bugs in Remote Desktop Services that can be exploited by hackers to take control of vulnerable systems with nothing more than a specially crafted RDP packet. No username and password, or other authentication, ...

Shades of BlueKeep: Wormable Remote Desktop Bugs Top August Patch Tuesday List
Threatpost • Tara Seals • 13 Aug 2019

Microsoft’s August Patch Tuesday release contains updates for 93 CVEs, including 29 that are rated critical in severity. The highest priority of these include four critical remote code-execution (RCE) vulnerabilities in Remote Desktop Services (RDS) and a critical RCE flaw in Microsoft Word.
Also, two of the RDS bugs are wormable, allowing an exploit to self-propagate from PC to PC without user interaction, thus setting the scene for a global, fast-moving infection wave. Microsoft warned...