SB2019060503 - Authentication byass in Microsoft Windows RDP

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019060503

SB2019060503 - Authentication byass in Microsoft Windows RDP

Published: June 5, 2019

Security Bulletin ID SB2019060503
Severity
Low
Patch available
NO
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 security vulnerability.


1) Improper Authentication (CVE-ID: CVE-2019-9510)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to a logical error in implementation of RDP Network Level Authentication (NLA) when authenticating users after interrupted network connection. Remote Desktop server allows users to automatically authenticate in case of network connectivity loss without providing access credentials. An attacker with access a machine that is being used as RDP client can interrupt connection between the client and remote RDP server, then reconnect to the server and gain access to a remote session that belongs to another workstation user.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References