Lucene search
Huawei TechnologiesHUAWEI-SA-20190529-01-WINDOWSHistoryMay 29, 2019 - 12:00 a.m.
Security Advisory - Remote Code Execution Vulnerability in Some Microsoft Windows Systems
2019-05-2900:00:00
Huawei Technologies
www.huawei.com
456
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.975
Percentile
100.0%
Microsoft released a security advisory to disclose a remote code execution vulnerability in Remote Desktop Services. An unauthenticated attacker connects to the target system using RDP and sends specially crafted requests to exploit the vulnerability. Successful exploit may cause arbitrary code execution on the target system. (Vulnerability ID: HWPSIRT-2019-05133)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-0708.
Huawei has released solutions to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en
Affected configurations
Node
huaweiagile_controller-campus_firmwareMatchv100r002c00
ORhuaweiagile_controller-campus_firmwareMatchv100r002c10
ORhuaweibh620_v2_firmwareMatchv100r002c00
ORhuaweibh621_v2_firmwareMatchv100r002c00
ORhuaweibh622_v2_firmwareMatchv100r001c00
ORhuaweibh640_v2_firmwareMatchv100r002c00
ORhuaweich121_firmwareMatchv100r001c00
ORhuaweich140_firmwareMatchv100r001c00
ORhuaweich220_firmwareMatchv100r001c00
ORhuaweich221_firmwareMatchv100r001c00
ORhuaweich222_firmwareMatchv100r002c00
ORhuaweich240_firmwareMatchv100r001c00
ORhuaweich242_firmwareMatchv100r001c00
ORhuaweich242_v3_firmwareMatchv100r001c00
ORhuaweie6000_firmwareMatchv100r002c00
ORhuaweie6000_chassis_firmwareMatchv100r001c00
ORhuaweigtsoftx3000_firmwareMatchv200r001c01spc100
ORhuaweigtsoftx3000_firmwareMatchv200r002c00spc300
ORhuaweigtsoftx3000_firmwareMatchv200r002c10spc100
ORhuaweioceanstor_18500_firmwareMatchv100r001c30spc300
ORhuaweioceanstor_18800_firmwareMatchv100r001c30spc300
ORhuaweioceanstor_18800f_firmwareMatchv100r001c30spc300
ORhuaweioceanstor_hvs85t_firmwareMatchv100r001c00
ORhuaweioceanstor_hvs85t_firmwareMatchv100r001c30spc200
ORhuaweioceanstor_hvs88t_firmwareMatchv100r001c00
ORhuaweioceanstor_hvs88t_firmwareMatchv100r001c30spc200
ORhuaweirh1288_v2_firmwareMatchv100r002c00
ORhuaweirh1288a_v2_firmwareMatchv100r002c00
ORhuaweirh2265_v2_firmwareMatchv100r002c00
ORhuaweirh2268_v2_firmwareMatchv100r002c00
ORhuaweirh2285_v2_firmwareMatchv100r002c00
ORhuaweirh2285h_v2_firmwareMatchv100r002c00
ORhuaweirh2288_v2_firmwareMatchv100r002c00
ORhuaweirh2288a_v2_firmwareMatchv100r002c00
ORhuaweirh2288e_v2_firmwareMatchv100r002c00
ORhuaweirh2288h_v2_firmwareMatchv100r002c00
ORhuaweirh2485_v2_firmwareMatchv100r002c00
ORhuaweirh5885_v2_firmwareMatchv100r001c00
ORhuaweirh5885_v3_firmwareMatchv100r003c00
ORhuaweismc2.0_firmwareMatchv500r002c00
ORhuaweismc2.0_firmwareMatchv600r006c00
ORhuaweiseco_vsm_firmwareMatchv200r002c00
ORhuaweiuma_firmwareMatchv200r001c00
ORhuaweiuma_firmwareMatchv300r001c00
ORhuaweix6000_firmwareMatchv100r002c00
ORhuaweix8000_firmwareMatchv100r002c20
ORhuaweielog_firmwareMatchv200r003c10
ORhuaweiespace_ecs_firmwareMatchv300r001c00
| Vendor | Product | Version | CPE |
|---|---|---|---|
| huawei | agile_controller-campus_firmware | v100r002c00 | cpe:2.3:o:huawei:agile_controller-campus_firmware:v100r002c00:*:*:*:*:*:*:* |
| huawei | agile_controller-campus_firmware | v100r002c10 | cpe:2.3:o:huawei:agile_controller-campus_firmware:v100r002c10:*:*:*:*:*:*:* |
| huawei | bh620_v2_firmware | v100r002c00 | cpe:2.3:o:huawei:bh620_v2_firmware:v100r002c00:*:*:*:*:*:*:* |
| huawei | bh621_v2_firmware | v100r002c00 | cpe:2.3:o:huawei:bh621_v2_firmware:v100r002c00:*:*:*:*:*:*:* |
| huawei | bh622_v2_firmware | v100r001c00 | cpe:2.3:o:huawei:bh622_v2_firmware:v100r001c00:*:*:*:*:*:*:* |
| huawei | bh640_v2_firmware | v100r002c00 | cpe:2.3:o:huawei:bh640_v2_firmware:v100r002c00:*:*:*:*:*:*:* |
| huawei | ch121_firmware | v100r001c00 | cpe:2.3:o:huawei:ch121_firmware:v100r001c00:*:*:*:*:*:*:* |
| huawei | ch140_firmware | v100r001c00 | cpe:2.3:o:huawei:ch140_firmware:v100r001c00:*:*:*:*:*:*:* |
| huawei | ch220_firmware | v100r001c00 | cpe:2.3:o:huawei:ch220_firmware:v100r001c00:*:*:*:*:*:*:* |
| huawei | ch221_firmware | v100r001c00 | cpe:2.3:o:huawei:ch221_firmware:v100r001c00:*:*:*:*:*:*:* |
Related
thn
thn
New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide
2019-06-07 09:13:00
Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw
2019-05-28 12:08:00
First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild
2019-11-03 11:02:00
threatpost
threatpost
Wormable BlueKeep Bug Still Threatens Legions of Windows Systems
2019-07-17 20:55:43
BlueKeep Attacks Have Arrived, Are Initially Underwhelming
2019-11-04 11:24:08
Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes
2020-10-13 20:41:52
mssecure
mssecure
Protect against BlueKeep
2019-08-08 16:00:57
Best practices for defending Azure Virtual Machines
2020-10-07 16:00:20
talosblog
talosblog
Threat Roundup for August 2 to August 9
2019-08-09 13:28:08
Threat Roundup for September 6 to September 13
2019-09-13 14:06:47
Threat Roundup for October 4 to October 11
2019-10-11 08:45:39
zdt
zdt
Microsoft Windows Remote Desktop - (BlueKeep) Denial of Service Exploit
2019-07-15 00:00:00
Microsoft Windows Remote Desktop - BlueKeep Denial of Service Exploit
2019-05-31 00:00:00
exploitpack
exploitpack
Microsoft Windows Remote Desktop - BlueKeep Denial of Service (Metasploit)
2019-07-15 00:00:00
cisa
cisa
Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability
2019-05-16 00:00:00
NSA Releases Advisory on BlueKeep Vulnerability
2019-06-04 00:00:00
githubexploit
githubexploit
Exploit for Use After Free in Microsoft
2019-05-28 02:25:21
Exploit for Use After Free in Microsoft
2019-05-28 16:09:10
Exploit for Use After Free in Microsoft
2019-05-22 05:18:18
trellix
trellix
Understanding the Wormable RDP Vulnerability CVE-2019-0708
2019-05-21 00:00:00
Understanding the Wormable RDP Vulnerability CVE-2019-0708
2019-05-21 00:00:00
Securing Space 4.0 – One Small Step or a Giant Leap? - Part 1
2020-09-30 00:00:00
exploitdb
exploitdb
f5
f5
msrc
msrc
A Reminder to Update Your Systems to Prevent a Worm
2019-05-31 05:53:28
Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)
2019-05-14 17:05:03
Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)
2019-05-14 07:00:00
kitploit
kitploit
FATT - A Script For Extracting Network Metadata And Fingerprints From Pcap Files And Live Network Traffic
2019-10-07 21:13:00
Pentest Tools Framework - A Database Of Exploits, Scanners And Tools For Penetration Testing
2020-03-12 11:30:00
Ispy - Eternalblue (MS17-010) / Bluekeep (CVE-2019-0708) Scanner And Exploit
2019-10-09 21:00:00
cvelist
cvelist
CVE-2019-0708
2019-05-16 18:17:00
packetstorm
packetstorm
Microsoft Windows Remote Desktop BlueKeep Denial Of Service
2019-05-30 00:00:00
CVE-2019-0708 BlueKeep Microsoft Remote Desktop Remote Code Execution Check
2024-08-31 00:00:00
Microsoft Windows RDP BlueKeep Denial Of Service
2019-07-15 00:00:00
myhack58
myhack58
Began openly selling a...the United States company is selling weapons of the BlueKeep the exploit-vulnerability warning-the black bar safety net
2019-07-26 00:00:00
qualysblog
qualysblog
Blue is a color we love but can’t Keep!
2019-12-20 16:00:59
BlueKeep Attacks Observed Months after Initial Release
2019-11-04 21:50:34
metasploit
metasploit
CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE Check
2019-06-03 21:54:33
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
2019-09-19 11:05:08
prion
prion
Remote code execution
2019-05-16 19:29:00
canvas
canvas
Immunity Canvas: BLUEKEEP
2019-05-16 19:29:00
symantec
symantec
nessus
nessus
ics
ics
Spacelabs Xhibit Telemetry Receiver (XTR)
2020-02-18 12:00:00
Microsoft Operating Systems BlueKeep Vulnerability
2019-06-17 12:00:00
openvas
openvas
cve
cve
CVE-2019-0708
2019-05-16 19:29:00
mscve
mscve
Remote Desktop Services Remote Code Execution Vulnerability
2019-05-14 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Remote Desktop Services Remote Code Execution (CVE-2019-0708)
2019-05-19 00:00:00
cisa_kev
cisa_kev
Microsoft Remote Desktop Services Remote Code Execution Vulnerability
2021-11-03 00:00:00
carbonblack
carbonblack
attackerkb
attackerkb
CVE-2019-0708
2019-05-16 00:00:00
Windows Remote Desktop (RDP) Use-after-free vulnerablility, "Bluekeep"
2019-05-16 00:00:00
Insecure RDP
2020-10-09 00:00:00
nvd
nvd
CVE-2019-0708
2019-05-16 19:29:00
rapid7blog
rapid7blog
NICER Protocol Deep Dive: Internet Exposure of Remote Desktop (RDP)
2020-10-23 17:26:31
krebs
krebs
Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003
2019-05-14 17:11:34
fireeye
fireeye
malwarebytes
malwarebytes
Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability
2019-05-15 16:57:16
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.975
Percentile
100.0%
Related for HUAWEI-SA-20190529-01-WINDOWS