cve/2019/CVE-2019-1226.md

### [CVE-2019-1226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1226)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)

### Description

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/nomi-sec/PoC-in-GitHub
-												Update Sun May 26 14:27:04 CEST 2024

											
										
										
											2024-05-26 14:27:05 +02:00
+								### [CVE-2019-1226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1226)
-												Update CVE sources 2024-06-07 04:52

											
										
										
											2024-06-07 04:52:01 +00:00
+								![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201803&color=blue)
 								![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201809&color=blue)
-												Update Sun May 26 14:27:04 CEST 2024

											
										
										
											2024-05-26 14:27:05 +02:00
+								![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue)
 								![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue)
 								![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue)
-												Update CVE sources 2024-06-07 04:52

											
										
										
											2024-06-07 04:52:01 +00:00
+								![](https://img.shields.io/static/v1?label=Product&message=Windows%2010%20Version%201909&color=blue)
 								![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue)
 								![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
 								![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue)
-												Update Sun May 26 14:27:04 CEST 2024

											
										
										
											2024-05-26 14:27:05 +02:00
+								![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue)
-												Update CVE sources 2024-06-07 04:52

											
										
										
											2024-06-07 04:52:01 +00:00
+								![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue)
 								![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen)
-												Update Sun May 26 14:27:04 CEST 2024

											
										
										
											2024-05-26 14:27:05 +02:00
+								![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)
 								### Description
-												Update CVE sources 2024-06-07 04:52

											
										
										
											2024-06-07 04:52:01 +00:00
+								A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.
-												Update Sun May 26 14:27:04 CEST 2024

											
										
										
											2024-05-26 14:27:05 +02:00
 								### POC
 								#### Reference
 								No PoCs from references.
 								#### Github
 								- https://github.com/0xT11/CVE-POC
 								- https://github.com/developer3000S/PoC-in-GitHub
 								- https://github.com/hectorgie/PoC-in-GitHub
 								- https://github.com/nomi-sec/PoC-in-GitHub