TFTP: Microsoft Windows Deployment Services TFTP CVE-2019-0603 RCE
This signature detects attempts to exploit a known vulnerability against Microsoft Windows Deployment Services TFTP. A successful attack can lead to arbitrary code execution.
Extended Description
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions. The security update addresses the vulnerability by correcting how Windows Deployment Services TFTP Server handles objects in memory, aka 'Windows Deployment Services TFTP Server Remote Code Execution Vulnerability'.
Affected Products
Microsoft windows_server_2016
Short Name
TFTP:MS-DEPLOY-SERVICE-TFTP-RCE
Severity
Major
Recommended
False
Recommended Action
None
Category
TFTP
Keywords
CVE-2019-0603 Deployment Microsoft RCE Services TFTP Windows bid:107229
Release Date
07/24/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Occasionally
Vendors
Microsoft
CVSS Score
8.5