BlueKeep: Pre-auth wormable RCE in Windows Remote Desktop. Similar wormability potential to WannaCry. Apply May 2019 patches immediately and block RDP from the internet. Use VPN + NLA as compensating controls. Actively exploited by cryptominer campaigns.
A remote code execution vulnerability exists in Remote Desktop Services -- formerly known as Terminal Services -- when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. BlueKeep.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →