Detections
Analytics
CVE-2020-0688
high
Description
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
From the Tenable Blog
CVE-2020-0688: Microsoft Exchange Server Static Key Flaw Could Lead to Remote Code Execution
Published: 2020-02-26
Attackers are probing for vulnerable Microsoft Exchange Servers, as details surrounding a severe flaw were recently made public. Update 02/27/2020: The proof-of-concept section has been updated to reflect the availability of several exploit scripts, including those that can be used to automate exploitation.
References
https://www.tenable.com/cyber-exposure/tenable-2022-threat-landscape-report
https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-117a
https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a
https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-296a
https://www.tenable.com/blog/how-covid-19-response-is-expanding-the-cyberattack-surface
https://www.zerodayinitiative.com/advisories/ZDI-20-258/
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688
http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html