Microsoft Exchange CVE-2020-0688 – MULTIPLE EXPLOITS AVAILABLE

Posted on By topbento No Comments on Microsoft Exchange CVE-2020-0688 – MULTIPLE EXPLOITS AVAILABLE
News, Vulnerability

At this time there are now multiple exploits available for CVE-2020-0688 which allows for Remote Code Execution on servers running a vulnerable version of Microsoft Exchange. This code is executed as SYSTEM and the CVSS score for this vulnerability is 9.0 HIGH. Authentication is required, however, due to Outlook Web Access this could be easy to acquire depending on the size of the organization and what authentication methods are in place.

Patches are available and should be rolled out if a vulnerable version of Microsoft Exchange Server 2010, 2013, 2016, or 2019 is in use in your environment.

More reading and resources here:

Tenable Blog

MITRE CVE

Microsoft MSRC

Detecting RCE

You may also like

Breach
Charter and Windstream ADDED TO LIST OF TELCO PROVIDERS COMPROMISED BY Salt Typhoon
January 7, 2025
Malware
HARDWARE ARRIVES FROM CHINA COMPLETE WITH PREINSTALLED MALWARE
January 25, 2022
News
REMOTE CODE EXECUTION in Zoom from Pwn2Own 2021
August 23, 2021
News
MOST VULNERABILITIES CAN BE EXPLOITED BY GPT-4 BY READING THREAT ADVISORIES
April 19, 2024

Leave a Reply