CVSS Base Vector:
This host is running Microsoft Windows Remote Desktop Services
and is prone to the remote code execution vulnerability known as 'BlueKeep'.
Sends a specially crafted request to the target systems
Remote Desktop Service via RDP and checks the response.
A remote code execution vulnerability exists in Remote Desktop Services
when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.
This vulnerability is pre-authentication and requires no user interaction.
For an in-depth analysis and further technical insights and details please see the references.
Successful exploitation would allow an attacker to execute arbitrary code on the target system.
An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights.
Microsoft Windows 7, Windows Server 2008 R2, Windows Server 2008,
Windows Server 2003 R2, Windows Server 2003, Windows Vista and Windows XP (including Embedded).
The vendor has released updates. Please see
the references for more information.
As a workaround enable Network Level Authentication (NLA) on systems running supported
editions of Windows 7, Windows Server 2008, and Windows Server 2008 R2.
NOTE: After enabling NLA affected systems are still vulnerable to Remote Code Execution (RCE)
exploitation if the attacker has valid credentials that can be used to successfully authenticate.