CVE-2019-0708
| CVE Published | 2019-05-16 |
|---|---|
| Related CWE(s) | CWE-416: Use After Free |
| Related Vendor(s) | microsoft, huawei, siemens |
| Related Product(s) | e6000_chassis_firmware, axiom_vertix_md_trauma_firmware, rh2288h_v2_firmware, x8000_firmware, rh2285h_v2_firmware, gtsoftx3000_firmware, bh622_v2_firmware, rh5885_v2_firmware, ch220_firmware, seco_vsm_firmware, e6000_firmware, rh5885_v3_firmware, agile_controller-campus_firmware, rh2485_v2_firmware, rh2288a_v2_firmware, oceanstor_18800f_firmware, ch121_firmware, rapidpoint_500_firmware, viva_e_firmware, viva_twin_firmware, aptio_firmware, multix_pro_navy_firmware, oceanstor_hvs85t_firmware, rh1288a_v2_firmware, smc2.0_firmware, axiom_multix_m_firmware, axiom_vertix_solitaire_m_firmware, oceanstor_18500_firmware, rh1288_v2_firmware, multix_top_firmware, oceanstor_18800_firmware, syngo_lab_process_manager, elog_firmware, ch242_firmware, rh2265_v2_firmware, windows_server_2008, centralink_firmware, multix_pro_firmware, multix_top_acss_firmware, bh640_v2_firmware, oceanstor_hvs88t_firmware, windows_vista, streamlab_firmware, multix_pro_acss_p_firmware, x6000_firmware, vertix_solitaire_firmware, windows_xp, rh2285_v2_firmware, rh2288e_v2_firmware, ch242_v3_firmware, mobilett_xp_digital_firmware, bh621_v2_firmware, multix_swing_firmware, atellica_solution_firmware, bh620_v2_firmware, ch222_firmware, windows_server_2003, ch140_firmware, multix_pro_p_firmware, rh2268_v2_firmware, lantis_firmware, multix_top_p_firmware, multix_top_acss_p_firmware, windows_7, multix_pro_acss_firmware, espace_ecs_firmware, uma_firmware, ch221_firmware, ch240_firmware, rh2288_v2_firmware |
| Exploitation Reported (CISA KEV) | 2021-11-03 |
| CVSS 3 Base Score | 9.8 (CRITICAL) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | NETWORK |
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph
Threat Reports Related to CVE-2019-0708
Report
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
This cybersecurity advisory from the U.S. Federal Bureau of Investigation (FBI) and its partners, highlights the cyber espionage activities of the ...