CVE-2019-9510 — Authentication Bypass Using an Alternate Path or Channel in Microsoft Windows 10 OR Newer System Using RDP

CWE-288 — Authentication Bypass Using an Alternate Path or Channel CWE-755 — Improper Handling of Exceptional Conditions2 documents2 sources

Severity

7.8HIGHNVD

EPSS

1.0%

top 23.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 10 OR Newer System Using RDP Microsoft Windows Server Microsoft Windows 10

Timeline

PublishedJan 15

Latest updateMay 24

Description

A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with the Windows lock screen. Should a network anomaly trigger a temporary RDP disconnect, Automatic Reconnection of the RDP session will be restored to an unlocked state, regardless of how the remote system was left. By interrupting network connectivity of a system, an attacker with access to a system bei…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5microsoft/windows_10_or_newer_system_using_rdp1803 — 10 *

▶CVEListV5microsoft/windows_server2019 — 2019*

▶NVDmicrosoft/windows_101803

Patches

Patch: docs.microsoft.com ↗Patch: social.technet.microsoft.com ↗Patch: docs.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-mpp6-gpg9-88j7: A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to↗2022-05-24

▶