Remote Code Execution Vulnerability in Microsoft Exchange Software by Microsoft
CVE-2020-0688

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Exchange Server 2013; Microsoft Exchange Server 2019 Cumulative Update 3; Microsoft Exchange Server 2016 Cumulative Update 14; Microsoft Exchange Server 2016 Cumulative Update 15
Vendor: CVE Published:; 11 February 2020

Badges

💰 Ransomware👾 Exploit Exists🟡 Public PoC🟣 EPSS 97%🦅 CISA Reported

Summary

A vulnerability exists in Microsoft Exchange software that allows remote code execution due to improper handling of objects in memory. This issue could enable attackers to execute arbitrary code on the affected system, potentially leading to unauthorized access or control over sensitive data and services. Organizations using Microsoft Exchange 2019 and 2016 should apply relevant patches and updates to mitigate the risks associated with this vulnerability.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited and is known by the CISA as enabling ransomware campaigns.

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30 = unspecified

Microsoft Exchange Server 2013 Cumulative Update 23

Microsoft Exchange Server 2016 Cumulative Update 14 = unspecified

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2020-0688
Created by zcgonvh

cve-2020-0688
Created by Ridter

cve-2020-0688
Created by random-robbie