From helpnetsecurity.com
There is still no public, working exploit code for CVE-2019-0708, a flaw that could allow an unauthenticated remote attacker to execute remote code on a vulnerable target running Remote Desktop Protocol (RDP).
But, as many infosec experts have noted, we’re not far off from when one is created and leveraged by attackers in the wild. With the vulnerability being wormable, when it hits, the exploit could end up compromising millions of systems around the world, in homes and enterprises.