CVE-2019-0708


CVSS 9.8 CRITICAL | EPSS 100.0% | KEV | CWE-416
In summary

A critical flaw in the Windows Remote Desktop Service allows attackers to execute malicious code on a computer remotely, without needing a password or credentials. This is dangerous because it gives intruders full control of the system over the internet.

Technical detail

A use-after-free vulnerability (CWE-416) in the handling of the RDP protocol allows unauthenticated remote code execution when specially crafted packets are sent to the RDP service. The attack requires network access to port 3389 but no prior authentication, enabling mass exploitation of vulnerable Windows systems.

Summary generated and translated by AI from the official description.
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Public PoCs found: 135
⚠ Public resources, for you to assess the exposure of systems you control or are authorized to test. Test only with authorization.
