Quickfire Cyber Bulletin June 5, 2026
← Back

CVE-2019-0708

Microsoft Remote Desktop Services Remote Code Execution Vulnerability

High

Description

Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests. Successful exploitation allows for remote code execution. The vulnerability is also known under the moniker of BlueKeep.

Scores & Signals

EPSS score 0.9445 (100.0th percentile)
CISA KEV Yes — actively exploited (added 2021-11-03) · due 2022-05-03
Affected Microsoft Remote Desktop Services

Sources

External references

Risk scores are deterministic, based on public signals only. They are informational context, not a final verdict. Always consult vendor advisories before taking action.