RDP vulnerabilities; TLP: GREEN

Active exploitation of RDP vulnerabilities have been reported. The RDP vulnerabilities exploited by attacker are BlueKeep (CVE-2019-0708) and DejaBlue (CVE-2019-1222, CVE 2019-1226, CVE-2019-1181 and CVE-2019-1182), both of which patch are already released by Microsoft.

Advertisements

The remote VPN user source address does not show in the checkpoint firewall, instead it shows the fortigate of the device LAN interface address.

Solution applied FortiGate 2000E Firmware version : v6.0.2 build0163 (GA) Forti Client Version                                       : 6.0.4 Check Point  5000 Appliance                    : R80.10 Problem: VPN user (10.50.50.1) have access of server (10.10.10.55) RDP service. For that IPsec VPN tunnel and access, policy created on Fortigate Firewall and applied IPsec tunnel on fortigate policy. User can connect VPN... Continue Reading →

Blog at WordPress.com.

Up ↑

%d bloggers like this: