Strike ID:
E19-0r901
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
f
Variants:
8
Year:
2019

Description

This strike replicates an attack known as Bluekeep against a Microsoft Windows RDP Server Remote Desktop Services, exploiting a Use-After-Free vulnerability. The flaw resides in a single memory zone being addressed by two different pointers when creating a RDP channel with the name MS T120, when the connection is set up. A successful exploitation grants the attacker complete control over the target system.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}