Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.108795
Category:Huawei
Title:Huawei Data Communication: Four Remote Code Execution Vulnerability in Some Microsoft Windows Systems (huawei-sa-20190819-01-windows)
Summary:Microsoft released a security advisory to disclose four remote code execution vulnerabilities in Remote Desktop Services.
Description:Summary:
Microsoft released a security advisory to disclose four remote code execution vulnerabilities in Remote Desktop Services.

Vulnerability Insight:
Microsoft released a security advisory to disclose four remote code execution vulnerabilities in Remote Desktop Services. An unauthenticated attacker connects to the target system using RDP and sends specially crafted requests to exploit the vulnerabilities. Successful exploit may cause arbitrary code execution on the target system. (Vulnerability ID: HWPSIRT-2019-08107, HWPSIRT-2019-08108, HWPSIRT-2019-08109 and HWPSIRT-2019-08110)The four vulnerabilities have been assigned four Common Vulnerabilities and Exposures (CVE) IDs: CVE-2019-1181, CVE-2019-1182, CVE-2019-1222 and CVE-2019-1226.Huawei has released software updates to fix these vulnerabilities. This advisory is available in the linked references.

Vulnerability Impact:
Successful exploit may cause arbitrary code execution on the target system.

Affected Software/OS:
2288H V5 versions V100R005C00

BH620 V2 versions V100R002C00

BH621 V2 versions V100R002C00

BH622 V2 versions V100R002C00

BH640 V2 versions V100R001C00

CH121 versions V100R001C00

CH140 versions V100R001C00

CH220 versions V100R001C00

CH221 versions V100R001C00

CH222 versions V100R002C00

CH240 versions V100R001C00

CH242 V3 versions V100R001C00

E6000 Chassis versions V100R001C00

Matebook, Magicbook series laptops versions Run the affected Windows operating system

OceanStor 18500 versions V100R001C30SPC200

OceanStor 18800 versions V100R001C30SPC200

OceanStor HVS85T versions V100R001C00

OceanStor HVS88T versions V100R001C00

RH1288 V2 versions V100R002C00

RH1288A V2 versions V100R002C00

RH2265 V2 versions V100R002C00

RH2268 V2 versions V100R002C00

RH2285 V2 versions V100R002C00

RH2285H V2 versions V100R002C00

RH2288 V2 versions V100R002C00

RH2288A V2 versions V100R002C00

RH2288E V2 versions V100R002C00

RH2288H V2 versions V100R002C00

RH2485 V2 versions V100R002C00

RH5885 V2 versions V100R001C00

RH5885 V3 versions V100R003C00

SMC2.0 versions V500R002C00 V600R006C00 V600R006C10 V600R019C00 V600R019C10

X6000 versions V100R002C00

X8000 versions V100R001C00

eSpace ECS versions V300R001C00

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
Common Vulnerability Exposure (CVE) ID: CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
Common Vulnerability Exposure (CVE) ID: CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
Common Vulnerability Exposure (CVE) ID: CVE-2019-1226
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.