Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for Microsoft Remote Desktop for Mac by Microsoft

    CVE-2021-1669 (GCVE-0-2021-1669)

    Vulnerability from nvd – Published: 2021-01-12 19:42 – Updated: 2024-11-19 15:12
    VLAI
    Title
    Windows Remote Desktop Security Feature Bypass Vulnerability
    Summary
    Windows Remote Desktop Security Feature Bypass Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Security Feature Bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Mac Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for IoS Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*
    Create a notification for this product.
    Microsoft Remote Desktop client for Windows Desktop Affected: 1.2.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*
    Create a notification for this product.
    Date Public
    2021-01-12 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:18:11.228Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1669"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1669",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-19T15:11:48.380735Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-19T15:12:18.855Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Mac",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for IoS",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Remote Desktop client for Windows Desktop",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.2.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-01-12T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Windows Remote Desktop Security Feature Bypass Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Security Feature Bypass",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-08T16:17:13.585Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Windows Remote Desktop Security Feature Bypass Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1669"
            }
          ],
          "title": "Windows Remote Desktop Security Feature Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2021-1669",
        "datePublished": "2021-01-12T19:42:15.000Z",
        "dateReserved": "2020-12-02T00:00:00.000Z",
        "dateUpdated": "2024-11-19T15:12:18.855Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-0919 (GCVE-0-2020-0919)

    Vulnerability from nvd – Published: 2020-04-15 15:12 – Updated: 2024-08-04 06:18
    VLAI
    Summary
    An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability'.
    Severity
    No CVSS data available.
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:18:03.568Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0919"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Remote Desktop for Mac",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka \u0027Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability\u0027."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-15T15:12:48.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0919"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2020-0919",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Remote Desktop for Mac",
                          "version": {
                            "version_data": [
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka \u0027Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability\u0027."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Elevation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0919",
                  "refsource": "MISC",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0919"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-0919",
        "datePublished": "2020-04-15T15:12:48.000Z",
        "dateReserved": "2019-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:18:03.568Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1182 (GCVE-0-2019-1182)

    Vulnerability from nvd – Published: 2019-08-14 20:55 – Updated: 2024-08-04 18:13
    VLAI
    Title
    Remote Desktop Services Remote Code Execution Vulnerability
    Summary
    A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    Assigner
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1703 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1803 (Server Core Installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for x64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for ARM64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server, version 1903 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Android Affected: 0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for IoS Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Mac Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*
    Create a notification for this product.
    Date Public
    2019-08-13 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-1182",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-18T20:42:39.694032Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-18T20:42:46.392Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:13:29.139Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1703",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1803  (Server Core Installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 1709 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1709",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for x64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for ARM64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1903 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 8.1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Android",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for IoS",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Mac",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-08-13T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-29T16:50:35.379Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
            }
          ],
          "title": "Remote Desktop Services\u00a0Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2019-1182",
        "datePublished": "2019-08-14T20:55:04.000Z",
        "dateReserved": "2018-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:13:29.139Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1181 (GCVE-0-2019-1181)

    Vulnerability from nvd – Published: 2019-08-14 20:55 – Updated: 2024-08-04 18:13
    VLAI
    Title
    Remote Desktop Services Remote Code Execution Vulnerability
    Summary
    A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    Assigner
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1703 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1803 (Server Core Installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for x64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for ARM64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server, version 1903 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Android Affected: 0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for IoS Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Mac Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*
    Create a notification for this product.
    Date Public
    2019-08-13 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-1181",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-19T20:09:50.978315Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-19T20:10:00.970Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:13:29.299Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1703",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1803  (Server Core Installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 1709 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1709",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for x64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for ARM64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1903 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 8.1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Android",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for IoS",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Mac",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-08-13T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-29T16:50:34.876Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
            }
          ],
          "title": "Remote Desktop Services\u00a0Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2019-1181",
        "datePublished": "2019-08-14T20:55:04.000Z",
        "dateReserved": "2018-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:13:29.299Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1669 (GCVE-0-2021-1669)

    Vulnerability from cvelistv5 – Published: 2021-01-12 19:42 – Updated: 2024-11-19 15:12
    VLAI
    Title
    Windows Remote Desktop Security Feature Bypass Vulnerability
    Summary
    Windows Remote Desktop Security Feature Bypass Vulnerability
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Security Feature Bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1909 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Mac Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for IoS Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*
    Create a notification for this product.
    Microsoft Remote Desktop client for Windows Desktop Affected: 1.2.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*
    Create a notification for this product.
    Date Public
    2021-01-12 08:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:18:11.228Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1669"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1669",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-19T15:11:48.380735Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-19T15:12:18.855Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 20H2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1909",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1909 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "ARM64-based Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server version 2004",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Mac",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for IoS",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Remote Desktop client for Windows Desktop",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.2.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-01-12T08:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Windows Remote Desktop Security Feature Bypass Vulnerability"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Security Feature Bypass",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-08T16:17:13.585Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "Windows Remote Desktop Security Feature Bypass Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1669"
            }
          ],
          "title": "Windows Remote Desktop Security Feature Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2021-1669",
        "datePublished": "2021-01-12T19:42:15.000Z",
        "dateReserved": "2020-12-02T00:00:00.000Z",
        "dateUpdated": "2024-11-19T15:12:18.855Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-0919 (GCVE-0-2020-0919)

    Vulnerability from cvelistv5 – Published: 2020-04-15 15:12 – Updated: 2024-08-04 06:18
    VLAI
    Summary
    An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability'.
    Severity
    No CVSS data available.
    CWE
    • Elevation of Privilege
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T06:18:03.568Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0919"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Microsoft Remote Desktop for Mac",
              "vendor": "Microsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka \u0027Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability\u0027."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-15T15:12:48.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0919"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2020-0919",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Microsoft Remote Desktop for Mac",
                          "version": {
                            "version_data": [
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Microsoft"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka \u0027Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability\u0027."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Elevation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0919",
                  "refsource": "MISC",
                  "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0919"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2020-0919",
        "datePublished": "2020-04-15T15:12:48.000Z",
        "dateReserved": "2019-11-04T00:00:00.000Z",
        "dateUpdated": "2024-08-04T06:18:03.568Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1181 (GCVE-0-2019-1181)

    Vulnerability from cvelistv5 – Published: 2019-08-14 20:55 – Updated: 2024-08-04 18:13
    VLAI
    Title
    Remote Desktop Services Remote Code Execution Vulnerability
    Summary
    A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    Assigner
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1703 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1803 (Server Core Installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for x64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for ARM64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server, version 1903 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Android Affected: 0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for IoS Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Mac Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*
    Create a notification for this product.
    Date Public
    2019-08-13 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-1181",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-19T20:09:50.978315Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-19T20:10:00.970Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:13:29.299Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1703",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1803  (Server Core Installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 1709 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1709",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for x64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for ARM64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1903 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 8.1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Android",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for IoS",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Mac",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-08-13T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-29T16:50:34.876Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
            }
          ],
          "title": "Remote Desktop Services\u00a0Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2019-1181",
        "datePublished": "2019-08-14T20:55:04.000Z",
        "dateReserved": "2018-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:13:29.299Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1182 (GCVE-0-2019-1182)

    Vulnerability from cvelistv5 – Published: 2019-08-14 20:55 – Updated: 2024-08-04 18:13
    VLAI
    Title
    Remote Desktop Services Remote Code Execution Vulnerability
    Summary
    A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Remote Code Execution
    Assigner
    Impacted products
    Vendor Product Version
    Microsoft Windows 10 Version 1703 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1803 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server, version 1803 (Server Core Installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
    Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1709 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for 32-bit Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for x64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1903 for ARM64-based Systems Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server, version 1903 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*
        cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*
        cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < publication (custom)
        cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Android Affected: 0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for IoS Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*
    Create a notification for this product.
    Microsoft Microsoft Remote Desktop for Mac Affected: 1.0.0 , < publication (custom)
        cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*
    Create a notification for this product.
    Date Public
    2019-08-13 07:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-1182",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-18T20:42:39.694032Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-18T20:42:46.392Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:13:29.139Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1703",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1803",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1803  (Server Core Installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1809",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2019 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems"
              ],
              "product": "Windows 10 Version 1709 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 10 Version 1709",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for 32-bit Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for x64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Windows 10 Version 1903 for ARM64-based Systems",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server, version 1903 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1507",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems"
              ],
              "product": "Windows 10 Version 1607",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2016 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "10.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
                "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*",
                "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*"
              ],
              "platforms": [
                "32-bit Systems",
                "x64-based Systems",
                "ARM64-based Systems"
              ],
              "product": "Windows 8.1",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*"
              ],
              "platforms": [
                "x64-based Systems"
              ],
              "product": "Windows Server 2012 R2 (Server Core installation)",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:android:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Android",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:ios:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for IoS",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:mac:*:*"
              ],
              "platforms": [
                "Unknown"
              ],
              "product": "Microsoft Remote Desktop for Mac",
              "vendor": "Microsoft",
              "versions": [
                {
                  "lessThan": "publication",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-08-13T07:00:00.000Z",
          "descriptions": [
            {
              "lang": "en-US",
              "value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en-US",
                  "type": "Impact"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-29T16:50:35.379Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"
            }
          ],
          "title": "Remote Desktop Services\u00a0Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2019-1182",
        "datePublished": "2019-08-14T20:55:04.000Z",
        "dateReserved": "2018-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-04T18:13:29.139Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }