CVE-2019-9510
CVSS V2 Medium 4.6
CVSS V3 High 7.8
Description
A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with the Windows lock screen. Should a network anomaly trigger a temporary RDP disconnect, Automatic Reconnection of the RDP session will be restored to an unlocked state, regardless of how the remote system was left. By interrupting network connectivity of a system, an attacker with access to a system being used as a Windows RDP client can gain access to a connected remote system, regardless of whether or not the remote system was locked. This issue affects Microsoft Windows 10, version 1803 and later, and Microsoft Windows Server 2019, version 2019 and later.
Overview
- CVE ID
- CVE-2019-9510
- Assigner
- cret@cert.org
- Vulnerability Status
- Analyzed
- Published Version
- 2020-01-15T17:15:14
- Last Modified Date
- 2020-10-19T19:54:28
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* | 1 | OR |
CVSS Version 2
- Version
- 2.0
- Vector String
- AV:L/AC:L/Au:N/C:P/I:P/A:P
- Access Vector
- LOCAL
- Access Compatibility
- LOW
- Authentication
- NONE
- Confidentiality Impact
- PARTIAL
- Integrity Impact
- PARTIAL
- Availability Impact
- PARTIAL
- Base Score
- 4.6
- Severity
- MEDIUM
- Exploitability Score
- 3.9
- Impact Score
- 6.4
CVSS Version 3
- Version
- 3.1
- Vector String
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Attack Vector
- LOCAL
- Attack Compatibility
- LOW
- Privileges Required
- LOW
- User Interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality Impact
- HIGH
- Availability Impact
- HIGH
- Base Score
- 7.8
- Base Severity
- HIGH
- Exploitability Score
- 1.8
- Impact Score
- 5.9
References
| Reference URL | Reference Tags |
|---|---|
| https://www.kb.cert.org/vuls/id/576688/ | Third Party Advisory US Government Resource |
| https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/e729948a-3f4e-4568-9aef-d355e30b5389 | Patch Vendor Advisory |
| https://social.technet.microsoft.com/Forums/windowsserver/en-US/1fd171de-a1b5-4721-86bf-082e4a375049/rds-2019-but-probably-other-versions-as-well-locked-rdp-session-logs-in-after-session-reconnect | Patch Vendor Advisory |
| https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732713(v=ws.11) | Patch Vendor Advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2019-9510 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9510 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-05-10 16:23:09 | Added to TrackCVE | |||
| 2022-12-04 09:30:54 | cert@cert.org | cret@cert.org | CVE Assigner | updated |
| 2022-12-04 09:30:54 | 2020-01-15T17:15Z | 2020-01-15T17:15:14 | CVE Published Date | updated |
| 2022-12-04 09:30:54 | 2020-10-19T19:54:28 | CVE Modified Date | updated | |
| 2022-12-04 09:30:54 | Analyzed | Vulnerability Status | updated |