CVE-2019-9510

MEDIUM

Microsoft Windows 10 <1803 and Windows Server 2019 - Privilege Esca...

Title source: llm

Description

A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with the Windows lock screen. Should a network anomaly trigger a temporary RDP disconnect, Automatic Reconnection of the RDP session will be restored to an unlocked state, regardless of how the remote system was left. By interrupting network connectivity of a system, an attacker with access to a system being used as a Windows RDP client can gain access to a connected remote system, regardless of whether or not the remote system was locked. This issue affects Microsoft Windows 10, version 1803 and later, and Microsoft Windows Server 2019, version 2019 and later.

References (4)

Core 4

Core References

Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

https://www.kb.cert.org/vuls/id/576688/

Patch, Vendor Advisory x_refsource_misc

https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/e729948a-3f4e-4568-9aef-d355e30b5389

Patch, Vendor Advisory x_refsource_misc

https://social.technet.microsoft.com/Forums/windowsserver/en-US/1fd171de-a1b5-4721-86bf-082e4a375049/rds-2019-but-probably-other-versions-as-well-locked-rdp-session-logs-in-after-session-reconnect

Vendor Advisory x_refsource_misc

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732713%28v=ws.11%29

Scores

CVSS v3 5.3

EPSS 0.0127

EPSS Percentile 66.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-755 CWE-288

Status published

Products (2)

microsoft/windows_10 1803

microsoft/windows_server_2019

Published Jan 15, 2020

Tracked Since Feb 18, 2026