Vulnerabilities > CVE-2016-0019 - 7PK - Security Features vulnerability in Microsoft Windows 10 1511

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
microsoft
CWE-254
critical
nessus

Summary

The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows Remote Desktop Protocol Security Bypass Vulnerability."

Vulnerable Configurations

Part Description Count
OS
Microsoft
4

Common Weakness Enumeration (CWE)

Msbulletin

bulletin_idMS16-007
bulletin_url
date2016-01-12T00:00:00
impactRemote Code Execution
knowledgebase_id3124901
knowledgebase_url
severityImportant
titleSecurity Update for Microsoft Windows to Address Remote Code Execution

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS16-007.NASL
descriptionThe remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple elevation of privilege vulnerabilities exist due to improper validation of user-supplied input before loading DLL files. A local attacker can exploit these, via a crafted application, to elevate their privileges and take control of the affected system. (CVE-2016-0014, CVE-2016-0020) - A remote code execution vulnerability exists in DirectShow due to improper validation of user-supplied input. A remote attacker can exploit this, by convincing a user to open a specially crafted file, to execute arbitrary code in the context of the current user, resulting in taking control of the affected system. (CVE-2016-0015) - Multiple remote code execution vulnerabilities exist due to improper validation of user-supplied input before loading DLL files. A local attacker can exploit these, via a specially crafted application, to execute arbitrary code. (CVE-2016-0016, CVE-2016-0018) - A security bypass vulnerability exists in the Windows Remote Desktop Protocol (RDP) due to a failure to prevent remote logons to accounts that have no passwords set. A remote attacker can exploit this, by using an older version of the RDP client to connect to a Windows 10 host, to generate a list of user accounts. (CVE-2016-0019)
last seen2020-06-01
modified2020-06-02
plugin id87890
published2016-01-13
reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/87890
titleMS16-007: Security Update for Microsoft Windows to Address Remote Code Execution (3124901)