E19-0r901
CVSS:
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
8
Year:
2019
Description
This strike replicates an attack known as Bluekeep against a Microsoft Windows RDP Server (Remote Desktop Services), exploiting a use-after-free vulnerability.
The flaw resides in a single memory zone being addressed by two different pointers when creating
a RDP channel with the name 'MS_T120', when the connection is set up.
A successful exploitation grants the attacker complete control over the target system.