CVE-2019-1326 — Microsoft Windows vulnerability

6 documents5 sources

Severity

7.5HIGHNVD

EPSS

11.3%

top 6.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows Microsoft Windows 10 Version 1903 FOR 32-bit Systems Microsoft Windows 10 Version 1903 FOR Arm64-based Systems +6 more

Timeline

PublishedOct 10

Latest updateMay 24

Description

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages7 packages

▶CVEListV5microsoft/windows_10_version_1903_for_32-bit_systemsunspecified

▶CVEListV5microsoft/windows_10_version_1903_for_x64-based_systemsunspecified

▶CVEListV5microsoft/windows_10_version_1903_for_arm64-based_systemsunspecified

▶CVEListV5microsoft/windows20 versions+19

▶NVDmicrosoft/windowsr2, 1803, 1903+2

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-wwfq-8rhw-p2m7: A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially↗2022-05-24

▶

CVEList

CVE-2019-1326: A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially↗2019-10-10

▶

📋Vendor Advisories

Microsoft

Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability↗2019-10-08

▶

🕵️Threat Intelligence

Talos

Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage↗2019-10-08

▶

Talos

Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage↗2019-10-08

▶