{"containers": {"cna": {"title": "Remote Desktop Services\u00a0Remote Code Execution Vulnerability", "datePublic": "2019-08-13T07:00:00.000Z", "affected": [{"vendor": "Microsoft", "product": "Windows 10 Version 1803", "cpes": ["cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server, version 1803 (Server Core Installation)", "cpes": ["cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1809", "cpes": ["cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019", "cpes": ["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server 2019 (Server Core installation)", "cpes": ["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1903 for 32-bit Systems", "cpes": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"], "platforms": ["Unknown"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1903 for x64-based Systems", "cpes": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"], "platforms": ["Unknown"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1903 for ARM64-based Systems", "cpes": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"], "platforms": ["Unknown"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server, version 1903 (Server Core installation)", "cpes": ["cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows 10 Version 1909", "cpes": ["cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Windows Server, version 1909 (Server Core installation)", "cpes": ["cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"], "platforms": ["x64-based Systems"], "versions": [{"version": "10.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "Remote Code Execution", "lang": "en-US", "type": "Impact"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2024-05-29T16:51:12.090Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "CRITICAL", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-18T20:39:11.103805Z", "id": "CVE-2019-1226", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-18T20:39:20.030Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:13:29.557Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1226", "datePublished": "2019-08-14T20:55:05.000Z", "dateReserved": "2018-11-26T00:00:00.000Z", "dateUpdated": "2024-08-04T18:13:29.557Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:13:29.557Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-1226", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-18T20:39:11.103805Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-18T20:39:16.737Z"}}], "cna": {"title": "Remote Desktop Services\u00a0Remote Code Execution Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*"], "vendor": "Microsoft", "product": "Windows 10 Version 1803", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_1803:*:*:*:*:*:*:*:*"], "vendor": "Microsoft", "product": "Windows Server, version 1803 (Server Core Installation)", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*"], "vendor": "Microsoft", "product": "Windows 10 Version 1809", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"], "vendor": "Microsoft", "product": "Windows Server 2019", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*"], "vendor": "Microsoft", "product": "Windows Server 2019 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"], "vendor": "Microsoft", "product": "Windows 10 Version 1903 for 32-bit Systems", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["Unknown"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"], "vendor": "Microsoft", "product": "Windows 10 Version 1903 for x64-based Systems", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["Unknown"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"], "vendor": "Microsoft", "product": "Windows 10 Version 1903 for ARM64-based Systems", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["Unknown"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*"], "vendor": "Microsoft", "product": "Windows Server, version 1903 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*"], "vendor": "Microsoft", "product": "Windows 10 Version 1909", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"]}, {"cpes": ["cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*"], "vendor": "Microsoft", "product": "Windows Server, version 1909 (Server Core installation)", "versions": [{"status": "affected", "version": "10.0.0", "lessThan": "publication", "versionType": "custom"}], "platforms": ["x64-based Systems"]}], "datePublic": "2019-08-13T07:00:00.000Z", "references": [{"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226", "tags": ["x_refsource_MISC"]}, {"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en-US", "value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "Impact", "description": "Remote Code Execution"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2024-05-29T16:51:12.090Z"}}}, "cveMetadata": {"cveId": "CVE-2019-1226", "state": "PUBLISHED", "dateUpdated": "2024-08-04T18:13:29.557Z", "dateReserved": "2018-11-26T00:00:00.000Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2019-08-14T20:55:05.000Z", "assignerShortName": "microsoft"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "matchCriteriaId": "3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "matchCriteriaId": "5B921FDB-8E7D-427E-82BE-4432585080CF", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability exists in Remote Desktop Services \u2013 formerly known as Terminal Services \u2013 when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests."}, {"lang": "es", "value": "Existe una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en los Servicios de escritorio remoto, anteriormente conocidos como Servicios de terminal, cuando un atacante no autenticado se conecta al sistema de destino mediante RDP y env\u00eda solicitudes especialmente dise\u00f1adas, tambi\u00e9n conocidas como 'Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto de los Servicios de escritorio remoto'. Este ID de CVE es exclusivo de CVE-2019-1181, CVE-2019-1182, CVE-2019-1222."}], "id": "CVE-2019-1226", "lastModified": "2026-02-20T21:18:51.740", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Secondary"}]}, "published": "2019-08-14T21:15:18.877", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"}, {"source": "secure@microsoft.com", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190819-01-windows-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-187667.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}