Threat Advisories - NVD Disclosed May 16, 2019

CVE-2019-0903

Microsoft GDI Vulnerability Allows Remote Code Execution

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability in Windows Graphics Device Interface (GDI) allows remote code execution by improperly handling memory objects. Attackers could gain control of affected systems. This presents a significant business risk to organizations.

NVD published: May 16, 2019 • CISA KEV

CVE advisoryKnown Exploit

CVE-2019-0863

Windows Error Reporting Privilege Escalation Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Windows Error Reporting allows an attacker with local access to elevate privileges, potentially leading to unauthorized system control and data access. Organizations should address this by identifying affected systems and applying vendor updates.

NVD published: May 16, 2019 • CISA KEV

CVE advisoryKnown Exploit

CVE-2019-0708

Remote Desktop Services Remote Code Execution Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in Remote Desktop Services could allow an unauthenticated attacker to execute code remotely. This could impact organizations by compromising systems and data. The business risk stems from potential unauthorized access and control over affected services.A vulnerability in Remote Desktop Services could al

NVD published: May 16, 2019 • CISA KEV