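Critical: Windows RDP Remote Code Execution High-Risk Vulnerability BlueKeep (CVE-2019-0708)
CVE ID: CVE-2019-0708
Exploitation status: PoC public
Patch status: Official patch
Disclosure date: 2019-05-14

Vulnerability description
On September 6, 2019, the Alibaba Cloud Emergency Response Center detected that metasploit-framework had published exploit code on GitHub for BlueKeep (CVE-2019-0708) that achieves remote command execution. With this exploit code, arbitrary commands can be executed on the target system. It can even be used to spread a malicious worm that infects other machines on the internal network, similar to malicious ransomware such as WannaCry, which broke out in 2017. The risk is extremely high.
On May 15, 2019, the Alibaba Cloud Emergency Response Center published an alert advisory for this vulnerability and released vulnerability detection and remediation rules in Security Center. The Alibaba Cloud Emergency Response Center reminds Windows users to take security measures as soon as possible to block attacks that exploit this vulnerability. Details: https://help.aliyun.com/noticelist/articleid/1060000116.html

Recommended remediation
1. Users of Windows 7, Windows Server 2008 and Windows Server 2008 R2: install the official security patch promptly: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
2. Users of Windows 2003 and Windows XP: upgrade the system version promptly or install the official patch: https://support.microsoft.com/zh-cn/help/4500705/customer-guidance-for-cve-2019-0708

Affected software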
Runs in the following environments:
Type | Vendor | Product | Version | Impact scope
---|---|---|---|---
System | microsoft | windows_7 | - | -
System | microsoft | windows_server_2003 | - | -
System | microsoft | windows_server_2003 | r2 | -
System | microsoft | windows_server_2008 | - | -
System | microsoft | windows_server_2008 | r2 | -
System | microsoft | windows_vista | - | -
System | microsoft | windows_xp | - | -
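- Attack vector: Remote
- Attack complexity: Easy
- Privileges required: None
- Scope of impact: Global
- Exploit maturity: PoC public
- Patch status: Official patch
- Data confidentiality: Data leakage
- Data integrity: Transmission corrupted
- Server impact: Server compromise
- Internet-wide count: N/A

CWE-ID | Vulnerability type
---|---
CWE-416 | Use After Free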
Exploit-related links
- https://github.com/0xeb-bp/bluekeep
- https://github.com/0xFlag/CVE-2019-0708-test
- https://github.com/1aa87148377/CVE-2019-0708
- https://github.com/303sec/CVE-2019-0708
- https://github.com/930201676/CVE-2019-0708-EXP-Windows
- https://github.com/AaronWilsonGrylls/CVE-2019-0708-POC
- https://github.com/adalenv/CVE-2019-0708-Tool
- https://github.com/AdministratorGithub/CVE-2019-0708
- https://github.com/alexa872/CVE-2019-0708
- https://github.com/algo7/bluekeep_CVE-2019-0708_poc_to_exploit
- https://github.com/andripwn/CVE-2019-0708
- https://github.com/areusecure/CVE-2019-0708
- https://github.com/at0mik/CVE-2019-0708-PoC
- https://github.com/Barry-McCockiner/CVE-2019-0708
- https://github.com/biggerwing/CVE-2019-0708-poc
- https://github.com/bilawalzardaer/CVE-2019-0708
- https://github.com/blacksunwen/CVE-2019-0708
- https://github.com/blockchainguard/CVE-2019-0708
- https://github.com/cbwang505/CVE-2019-0708-EXP-Windows
- https://github.com/closethe/CVE-2019-0708-POC
- https://github.com/coolboy4me/cve-2019-0708_bluekeep_rce
- https://github.com/cpkkcb/CVE-2019-0708-BlueKeep
- https://github.com/cream-sec/CVE-2019-0708-Msf--
- https://github.com/cve-2019-0708-poc/cve-2019-0708
- https://github.com/cvencoder/cve-2019-0708
- https://github.com/Cyb0r9/ispy
- https://github.com/distance-vector/CVE-2019-0708
- https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-
- https://github.com/eastmountyxz/CVE-2019-0708-Windows
- https://github.com/edvacco/CVE-2019-0708-POC
- https://github.com/Ekultek/BlueKeep
- https://github.com/f8al/CVE-2019-0708-POC
- https://github.com/fade-vivida/CVE-2019-0708-test
- https://github.com/fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status
- https://github.com/freeide/CVE-2019-0708
- https://github.com/freeide/CVE-2019-0708-PoC-Exploit
- https://github.com/FrostsaberX/CVE-2019-0708
- https://github.com/Gh0st0ne/rdpscan-BlueKeep
- https://github.com/gildaaa/CVE-2019-0708
- https://github.com/go-bi/CVE-2019-0708-EXP-Windows
- https://github.com/gobysec/CVE-2019-0708
- https://github.com/HackerJ0e/CVE-2019-0708
- https://github.com/haishanzheng/CVE-2019-0708-generate-hosts
- https://github.com/haoge8090/CVE-2019-0708
- https://github.com/hawk-520/CVE-2019-0708
- https://github.com/herhe/CVE-2019-0708poc
- https://github.com/hook-s3c/CVE-2019-0708-poc
- https://github.com/hotdog777714/RDS_CVE-2019-0708
- https://github.com/ht0Ruial/CVE-2019-0708Poc-BatchScanning
- https://github.com/HynekPetrak/detect_bluekeep.py
- https://github.com/infenet/CVE-2019-0708
- https://github.com/infiniti-team/CVE-2019-0708
- https://github.com/Jaky5155/cve-2019-0708-exp
- https://github.com/JasonLOU/CVE-2019-0708
- https://github.com/jiansiting/CVE-2019-0708
- https://github.com/JSec1337/Scanner-CVE-2019-0708
- https://github.com/k8gege/CVE-2019-0708
- https://github.com/Kinesys/Kinesys-CVE-2019-0708-Exploit
- https://github.com/krivegasa/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit
- https://github.com/l9c/rdp0708scanner
- https://github.com/Leoid/CVE-2019-0708
- https://github.com/lwtz/CVE-2019-0708
- https://github.com/lwtz/sudoku.py
- https://github.com/mai-lang-chai/CVE-2019-0708-RCE
- https://github.com/major203/cve-2019-0708-scan
- https://github.com/matengfei000/CVE-2019-0708
- https://github.com/mekhalleh/cve-2019-0708
- https://github.com/Micr067/CVE-2019-0708RDP-MSF
- https://github.com/n0auth/CVE-2019-0708
- https://github.com/n1xbyte/CVE-2019-0708
- https://github.com/nochemax/bLuEkEeP-GUI
- https://github.com/ntkernel0/CVE-2019-0708
- https://github.com/NullByteSuiteDevs/CVE-2019-0708
- https://github.com/omaidf/CVE-2019-0708-PoC
- https://github.com/oneoy/BlueKeep
- https://github.com/p0p0p0/CVE-2019-0708-exploit
- https://github.com/Pa55w0rd/CVE-2019-0708
- https://github.com/pry0cc/BlueKeepTracker
- https://github.com/pry0cc/cve-2019-0708-2
- https://github.com/pwnhacker0x18/Wincrash
- https://github.com/qing-root/CVE-2019-0708-EXP-MSF-
- https://github.com/R4v3nG/CVE-2019-0708-DOS
- https://github.com/RickGeex/msf-module-CVE-2019-0708
- https://github.com/robertdavidgraham/rdpscan
- https://github.com/rockmelodies/CVE-2019-0708-Exploit
- https://github.com/Rostelecom-CERT/bluekeepscan
- https://github.com/safly/CVE-2019-0708
- https://github.com/sbkcbig/CVE-2019-0708-EXPloit
- https://github.com/sbkcbig/CVE-2019-0708-EXPloit-3389
- https://github.com/sbkcbig/CVE-2019-0708-Poc-exploit
- https://github.com/ShadowBrokers-ExploitLeak/CVE-2019-0708
- https://github.com/SherlockSec/CVE-2019-0708
- https://github.com/shishibabyq/CVE-2019-0708
- https://github.com/shumtheone/CVE-2019-0708
- https://github.com/shun-gg/CVE-2019-0708
- https://github.com/sinlee1/CVE-2019-0708
- https://github.com/skommando/CVE-2019-0708
- https://github.com/skyshell20082008/CVE-2019-0708-PoC-Hitting-Path
- https://github.com/smallFunction/CVE-2019-0708-POC
- https://github.com/SugiB3o/Check-vuln-CVE-2019-0708
- https://github.com/SurrealSky/CVE20190708SCAN
- https://github.com/syriusbughunt/CVE-2019-0708
- https://github.com/temp-user-2014/CVE-2019-0708
- https://github.com/thugcrowd/CVE-2019-0708
- https://github.com/ttsite/CVE-2019-0708
- https://github.com/ttsite/CVE-2019-0708-
- https://github.com/turingcompl33t/bluekeep
- https://github.com/ulisesrc/-2-CVE-2019-0708
- https://github.com/umarfarook882/CVE-2019-0708
- https://github.com/upknboy/CVE-2019-0708-BlueKeep
- https://github.com/UraSecTeam/CVE-2019-0708
- https://github.com/victor0013/CVE-2019-0708
- https://github.com/wdfcc/CVE-2019-0708
- https://github.com/Wileysec/CVE-2019-0708-Batch-Blue-Screen
- https://github.com/worawit/CVE-2019-0708
- https://github.com/wqsemc/CVE-2019-0708
- https://github.com/xiyangzuishuai/Dark-Network-CVE-2019-0708
- https://github.com/yetiddbb/CVE-2019-0708-PoC
- https://github.com/YSheldon/MS_T120
- https://github.com/yushiro/CVE-2019-0708
- https://github.com/ze0r/CVE-2019-0708-exp
- https://github.com/zerosum0x0/CVE-2019-0708
- https://github.com/zjw88282740/CVE-2019-0708-win7
- https://gitlab.com/alessio_/CVE-2019-0708
- https://gitlab.com/ntkernel/CVE-2019-0708
- https://gitlab.com/ntkernel/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-
- https://gitlab.com/typ0drome/CVE-2019-0708
- https://gitlab.com/xixicp3/CVE-2019-0708
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb
- https://www.exploit-db.com/exploits/46946
- https://www.exploit-db.com/exploits/47120
- https://www.exploit-db.com/exploits/47416
- https://www.exploit-db.com/exploits/47683
