Arbitrary Code Execution Vulnerability in Proofpoint Insider Threat Management Server
CVE-2020-10658
9.8CRITICAL
What is CVE-2020-10658?
The Proofpoint Insider Threat Management Server prior to version 7.9.1 contains a vulnerability within the ITM application server's WriteImage API. This weakness permits an unauthorized remote attacker to execute arbitrary code with local administrator privileges, stemming from improper deserialization practices. Organizations utilizing this software should prioritize updating to the latest version to mitigate potential security risks.
