Remote Code Execution Vulnerability in Proofpoint Insider Threat Management Server
CVE-2020-10655
9.8CRITICAL
What is CVE-2020-10655?
The Proofpoint Insider Threat Management Server (previously known as ObserveIT Server) is affected by a vulnerability in its ITM application server's WriteWindowMouse API. This flaw permits anonymous remote attackers to execute arbitrary code with local administrator privileges, primarily due to improper deserialization practices. Users of versions prior to 7.9.1 should take immediate action to mitigate potential risks.
