KEV Entry: CVE-2020-0688

Entry Details

Confirmed Exploited

Vulnerability ID

CVE-2020-0688

Status Updated At

2021-11-03 00:00 UTC

Timestamps

First Seen At

2021-11-03

Asserted At

2021-11-03

Scope

Notes

KEVIntel entry: A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka... | Affected: Microsoft / Microsoft Exchange Server 2013, Microsoft Exchange Server 2019 Cumulative Update 3, Microsoft Exchange Server 2016 Cumulative Update 14, Microsoft Exchange Server 2016 Cumulative Update 15, Microsoft Exchange Server 2019 Cumulative Update 4, Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30 | CVSS: 8.8 (HIGH) | Used in malware: yes | Not yet in CISA KEV: False

References

{'id': 'CVE-2020-0688', 'url': 'https://www.cve.org/CVERecord?id=CVE-2020-0688'}
{'id': 'kevintel', 'url': 'https://kevintel.com/vuln/CVE-2020-0688'}

Entry UUID

c53d0413-e180-4f8e-97cb-7666529ef8b8

Catalog Origin UUID

caeb2787-0d58-4236-9039-7c86c3e566f3

Created

2026-06-19 12:47 UTC

Last Updated

2026-06-19 12:47 UTC

Evidence

1

Type Source Signal Confidence Details GCVE Metadata

Type	Source	Signal	Confidence	Details	GCVE Metadata
public_report	kevintel	confirmed_compromise	0.70	View details { "added_date": "2021-11-03T00:00:00.000Z", "ahead_of_cisa_kev": null, "cvss_score": 8.8, "cvss_severity": "HIGH", "epss_percentile": null, "epss_score": null, "feed": "KEVIntel (kevintel.com)", "not_yet_in_cisa_kev": false, "product": "Microsoft Exchange Server 2013, Microsoft Exchange Server 2019 Cumulative Update 3, Microsoft Exchange Server 2016 Cumulative Update 14, Microsoft Exchange Server 2016 Cumulative Update 15, Microsoft Exchange Server 2019 Cumulative Update 4, Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30", "title": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka...", "used_in_malware": "yes", "vendor": "Microsoft" }	-

public_report

kevintel

confirmed_compromise

0.70

View details

{
  "added_date": "2021-11-03T00:00:00.000Z",
  "ahead_of_cisa_kev": null,
  "cvss_score": 8.8,
  "cvss_severity": "HIGH",
  "epss_percentile": null,
  "epss_score": null,
  "feed": "KEVIntel (kevintel.com)",
  "not_yet_in_cisa_kev": false,
  "product": "Microsoft Exchange Server 2013, Microsoft Exchange Server 2019 Cumulative Update 3, Microsoft Exchange Server 2016 Cumulative Update 14, Microsoft Exchange Server 2016 Cumulative Update 15, Microsoft Exchange Server 2019 Cumulative Update 4, Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30",
  "title": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka...",
  "used_in_malware": "yes",
  "vendor": "Microsoft"
}

-

Export Options

JSON Object JSON API View Full Catalog