1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Microsoft Remote Desktop Services Remote Code Execution Vulnerability

Known Exploited Vulnerabilities CVE-2019-0708 Mappings

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2019-0708 Microsoft Remote Desktop Services Remote Code Execution Vulnerability secondary_impact T1498 Network Denial of Service
Comments
CVE-2019-0708, also known as BlueKeep, is a remote code execution vulnerability present in the Windows Remote Desktop Services. Blue Keep can enable remote unauthenticated attackers to run arbitrary code, or conduct denial of service attacks, as well as potentially take control of vulnerable systems.
References
  1. https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
  2. https://www.bleepingcomputer.com/news/security/bluekeep-scanner-discovered-in-watchbog-cryptomining-malware/
CVE-2019-0708 Microsoft Remote Desktop Services Remote Code Execution Vulnerability primary_impact T1059.004 Unix Shell
Comments
CVE-2019-0708, also known as BlueKeep, is a remote code execution vulnerability present in the Windows Remote Desktop Services. Blue Keep can enable remote unauthenticated attackers to run arbitrary code, or conduct denial of service attacks, as well as potentially take control of vulnerable systems.
References
  1. https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
  2. https://www.bleepingcomputer.com/news/security/bluekeep-scanner-discovered-in-watchbog-cryptomining-malware/
CVE-2019-0708 Microsoft Remote Desktop Services Remote Code Execution Vulnerability exploitation_technique T1133 External Remote Services
Comments
CVE-2019-0708, also known as BlueKeep, is a remote code execution vulnerability present in the Windows Remote Desktop Services. Blue Keep can enable remote unauthenticated attackers to run arbitrary code, or conduct denial of service attacks, as well as potentially take control of vulnerable systems.
References
  1. https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
  2. https://www.bleepingcomputer.com/news/security/bluekeep-scanner-discovered-in-watchbog-cryptomining-malware/