Earlier this week, US cybersecurity firm Immunity Inc. announced that it has added a functional BlueKeep exploit to its commercial pen-testing toolkit called CANVAS v7.23.
BlueKeep, tracked as CVE-2019-0708, impacts Remote Desktop Protocol (RDP) implementations on older Windows operating systems. It is a very dangerous flaw because it could be used by threat actors to carry out a massive attack involving a worm, i.e. self-replicating malicious code, just like the 2017 global WannaCry outbreak. While Microsoft released a patch for the flaw on May 14, a recent Internet scan by BitSight found 805,665 systems that were still vulnerable.
CANVAS v7.23 is the first hacking tool that comes with a BlueKeep exploit capable of remote code execution on vulnerable systems. Since CANVAS licenses cost thousands of dollars, the audience is still limited.