VDB
CVE-2019-1225
CVE-2019-1225
PUBLISHED
CVSS 7.5 HIGH
An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an attacker would have to connect remotely to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows RDP server initializes memory.
EPSS 4.96% · 89.9th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
4.96%
89.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 10 Version 1903 for ARM64-based Systems | 10.0.0 |
| Microsoft | Windows 10 Version 1903 for 32-bit Systems | 10.0.0 |
| Microsoft | Windows 10 Version 1803 | 10.0.0 |
| Microsoft | Windows Server, version 1909 (Server Core installation) | 10.0.0 |
| microsoft | windows_10 | 1903, 1803, 1809 |
| microsoft | windows_server_2019 | |
| Microsoft | Windows Server, version 1903 (Server Core installation) | 10.0.0 |
| Microsoft | Windows Server, version 1803 (Server Core Installation) | 10.0.0 |
| Microsoft | Windows 10 Version 1903 for x64-based Systems | 10.0.0 |
| microsoft | windows_server_2016 | 1803, 1803, 1903 |
| Microsoft | Windows 10 Version 1909 | 10.0.0 |
| Microsoft | Windows Server 2019 (Server Core installation) | 10.0.0 |
| Microsoft | Windows Server 2019 | 10.0.0 |
| Microsoft | Windows 10 Version 1809 | 10.0.0 |
Exploit Intelligence
- CIRCL seen: CVE-2019-1225 (circl-sighting)
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1225 (circl)
- https://www.hhs.gov/sites/default/files/revil-update-tlpwhite.pdf (vulncheck)
- guids_only.yara (github-yara)
- guids_only.yara (github-yara)
- CVE-2019-0708.yara (github-yara)
- CVE-2019-0708.yara (github-yara)
- CVE-2019-0708.yara (github-yara)
- CVE-2019-0708.yara (github-yara)
- guids_only.yara (github-yara)
…and 9 more exploits
Timeline
- Aug 14, 2019 CVE Published
- Nov 8, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 19, 2021 VulnCheck KEV Exploitation
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jun 22, 2022 VulnCheck KEV Exploitation
- Jul 3, 2022 EPSS Score
References
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SESB-2019-214-01-Wind_River_VxWorks_Security_Bulletin_V2.2.pdf&p_Doc_Ref=SESB-2019-214-01 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-134-07_ConneXium_and_PowerLogic_Gateway_V2.pdf&p_Doc_Ref=SEVD-2019-134-07 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-193-02_MicrosoftRDS-Product_InformationV1.4.pdf&p_Doc_Ref=SEVD-2019-193-02 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-071-03-TriStation_Emulator_V2.pdf&p_Doc_Ref=SEVD-2019-071-03 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-267-01_MicrosoftRDS-DejaBlue-Product_InformationV1.1.pdf&p_Doc_Ref=SEVD-2019-267-01 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-193-01_IntelMDS-Product_InformationV1.3.pdf&p_Doc_Ref=SEVD-2019-193-01 advisory
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1225 url
- https://nvd.nist.gov/vuln/detail/CVE-2019-1225 advisory