Vulnerability-Lookup

CVE-2020-0688 (GCVE-0-2020-0688)

Vulnerability from cvelistv5 – Published: 2020-02-11 21:22 – Updated: 2025-10-21 23:35

CISA KEV

Summary

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Remote Code Execution

Assigner

microsoft

References

URL

Tags

	https://portal.msrc.microsoft.com/en-US/security-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	http://packetstormsecurity.com/files/156592/Micro…	x_refsource_MISC
	http://packetstormsecurity.com/files/156620/Excha…	x_refsource_MISC

Impacted products

Vendor

Product

Version

Microsoft

Microsoft Exchange Server 2013

Affected: Cumulative Update 23

Microsoft	Microsoft Exchange Server 2019 Cumulative Update 3	Affected: unspecified
Microsoft	Microsoft Exchange Server 2016 Cumulative Update 14	Affected: unspecified
Microsoft	Microsoft Exchange Server 2016 Cumulative Update 15	Affected: unspecified
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 4	Affected: unspecified
Microsoft	Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30	Affected: unspecified

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 2bd9190a-6af7-48ef-a3d4-0c4d9255f199

Vulnerability ID: CVE-2020-0688

Status: Confirmed

Status Updated: 2021-11-03 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2021-11-03

Asserted: 2021-11-03

Scope

Notes: KEV entry: Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability | Affected: Microsoft / Exchange Server | Description: Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution. | Required action: Apply updates per vendor instructions. | Due date: 2022-05-03 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2020-0688

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-287
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	Exchange Server
Due Date	2022-05-03
Date Added	2021-11-03
Vendorproject	Microsoft
Vulnerabilityname	Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability
Knownransomwarecampaignuse	Known

References

CVE-2020-0688

Created: 2026-02-02 12:28 UTC | Updated: 2026-02-06 07:17 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:11:05.469Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-258/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2020-0688",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T18:44:23.710392Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0688"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-287",
                "description": "CWE-287 Improper Authentication",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:35:51.234Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0688"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2020-0688 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft Exchange Server 2013",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "Cumulative Update 23"
            }
          ]
        },
        {
          "product": "Microsoft Exchange Server 2019 Cumulative Update 3",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Microsoft Exchange Server 2016 Cumulative Update 14",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Microsoft Exchange Server 2016 Cumulative Update 15",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Microsoft Exchange Server 2019 Cumulative Update 4",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-04T15:06:05.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-258/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2020-0688",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Microsoft Exchange Server 2013",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cumulative Update 23"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Microsoft Exchange Server 2019 Cumulative Update 3",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Microsoft Exchange Server 2016 Cumulative Update 14",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Microsoft Exchange Server 2016 Cumulative Update 15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Microsoft Exchange Server 2019 Cumulative Update 4",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Microsoft"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688",
              "refsource": "MISC",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-258/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-258/"
            },
            {
              "name": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-0688",
    "datePublished": "2020-02-11T21:22:59.000Z",
    "dateReserved": "2019-11-04T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:35:51.234Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2020-0688",
      "cwes": "[\"CWE-287\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2020-0688",
      "product": "Exchange Server",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-05-03",
      "cisaExploitAdd": "2021-11-03",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup_30:*:*:*:*:*:*\", \"matchCriteriaId\": \"276776E0-F9DA-4F18-A984-5E7811465B80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA166F2A-D83B-4D50-AD0B-668D813E0585\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*\", \"matchCriteriaId\": \"55284CF7-0D04-4216-83FE-4B1F9CA94207\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA2CE223-AA49-49E6-AC32-59270EFF55AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"104F96DC-E280-4E0A-8586-B043B55888C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"73B3B3FE-7E85-4B86-A983-2C410FFEF4B8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027.\"}, {\"lang\": \"es\", \"value\": \"Se presenta una vulnerabilidad de ejecuci\\u00f3n de c\\u00f3digo remota en el software Microsoft Exchange cuando el software no puede manejar apropiadamente los objetos en la memoria, tambi\\u00e9n se conoce como \\\"Microsoft Exchange Memory Corruption Vulnerability\\\".\"}]",
      "id": "CVE-2020-0688",
      "lastModified": "2024-11-21T04:54:00.443",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-02-11T22:15:15.900",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-258/\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-258/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-0688\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2020-02-11T22:15:15.900\",\"lastModified\":\"2025-10-29T14:27:21.400\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el software Microsoft Exchange cuando el software no puede manejar apropiadamente los objetos en la memoria, tambi\u00e9n se conoce como \\\"Microsoft Exchange Memory Corruption Vulnerability\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2022-05-03\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup_30:*:*:*:*:*:*\",\"matchCriteriaId\":\"276776E0-F9DA-4F18-A984-5E7811465B80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA166F2A-D83B-4D50-AD0B-668D813E0585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"55284CF7-0D04-4216-83FE-4B1F9CA94207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA2CE223-AA49-49E6-AC32-59270EFF55AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"104F96DC-E280-4E0A-8586-B043B55888C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"73B3B3FE-7E85-4B86-A983-2C410FFEF4B8\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-258/\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-258/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0688\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-258/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T06:11:05.469Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-0688\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T18:44:23.710392Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-0688\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T18:44:35.003Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2013\", \"versions\": [{\"status\": \"affected\", \"version\": \"Cumulative Update 23\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 3\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2016 Cumulative Update 14\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2016 Cumulative Update 15\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 4\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}], \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-258/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2020-03-04T15:06:05.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"Cumulative Update 23\"}]}, \"product_name\": \"Microsoft Exchange Server 2013\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Microsoft Exchange Server 2019 Cumulative Update 3\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Microsoft Exchange Server 2016 Cumulative Update 14\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Microsoft Exchange Server 2016 Cumulative Update 15\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Microsoft Exchange Server 2019 Cumulative Update 4\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30\"}]}, \"vendor_name\": \"Microsoft\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688\", \"name\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-258/\", \"name\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-258/\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html\", \"name\": \"http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Remote Code Execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-0688\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@microsoft.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-0688\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-04T18:45:35.492Z\", \"dateReserved\": \"2019-11-04T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2020-02-11T21:22:59.000Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CNVD-2020-14284

Vulnerability from cnvd - Published: 2020-02-28

Title

Microsoft Exchange验证密钥远程代码执行漏洞

Description

Microsoft Exchange Server是美国微软（Microsoft）公司的一套电子邮件服务程序，它提供邮件存取、储存、转发，语音邮件，邮件过滤筛选等功能。 Microsoft Exchange Server存在远程代码执行漏洞，该漏洞源于程序未能正确处理内存中的对象。攻击者可借助特制的电子邮件利用该漏洞在系统用户的上下文中运行任意代码。

Severity

高

Patch Name

Microsoft Exchange验证密钥远程代码执行漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-0688

Reference

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688

Impacted products

Name
['Microsoft Exchange Server 2013 Cumulative Update 23', 'Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30', 'Microsoft Exchange Server 2016 Cumulative Update 14', 'Microsoft Exchange Server 2016 Cumulative Update 15', 'Microsoft Exchange Server 2019 Cumulative Update 4', 'Microsoft Exchange Server 2019 Cumulative Update 3']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-0688",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-0688"
    }
  },
  "description": "Microsoft Exchange Server\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u670d\u52a1\u7a0b\u5e8f\uff0c\u5b83\u63d0\u4f9b\u90ae\u4ef6\u5b58\u53d6\u3001\u50a8\u5b58\u3001\u8f6c\u53d1\uff0c\u8bed\u97f3\u90ae\u4ef6\uff0c\u90ae\u4ef6\u8fc7\u6ee4\u7b5b\u9009\u7b49\u529f\u80fd\u3002\n\nMicrosoft Exchange Server\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u5904\u7406\u5185\u5b58\u4e2d\u7684\u5bf9\u8c61\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u7535\u5b50\u90ae\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7cfb\u7edf\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u8fd0\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-0688",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-14284",
  "openTime": "2020-02-28",
  "patchDescription": "Microsoft Exchange Server\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u670d\u52a1\u7a0b\u5e8f\uff0c\u5b83\u63d0\u4f9b\u90ae\u4ef6\u5b58\u53d6\u3001\u50a8\u5b58\u3001\u8f6c\u53d1\uff0c\u8bed\u97f3\u90ae\u4ef6\uff0c\u90ae\u4ef6\u8fc7\u6ee4\u7b5b\u9009\u7b49\u529f\u80fd\u3002\r\n\r\nMicrosoft Exchange Server\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u5904\u7406\u5185\u5b58\u4e2d\u7684\u5bf9\u8c61\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u7535\u5b50\u90ae\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7cfb\u7edf\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u8fd0\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Exchange\u9a8c\u8bc1\u5bc6\u94a5\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Exchange Server 2013 Cumulative Update 23",
      "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30",
      "Microsoft Exchange Server 2016 Cumulative Update 14",
      "Microsoft Exchange Server 2016 Cumulative Update 15",
      "Microsoft Exchange Server 2019 Cumulative Update 4",
      "Microsoft Exchange Server 2019 Cumulative Update 3"
    ]
  },
  "referenceLink": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688",
  "serverity": "\u9ad8",
  "submitTime": "2020-02-17",
  "title": "Microsoft Exchange\u9a8c\u8bc1\u5bc6\u94a5\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CERTFR-2020-AVI-082

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une élévation de privilèges, une exécution de code à distance et un contournement de la fonctionnalité de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft	N/A	Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 4
Microsoft	N/A	ChakraCore
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 2 (CU)
Microsoft	N/A	Microsoft SQL Server 2014 Service Pack 3 pour systèmes 32 bits (CU)
Microsoft	N/A	Microsoft SQL Server 2012 pour systèmes 32 bits Service Pack 4 (QFE)
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 3
Microsoft	N/A	Microsoft SQL Server 2014 Service Pack 3 pour systèmes x64 (GDR)
Microsoft	N/A	Microsoft Exchange Server 2016 Cumulative Update 14
Microsoft	N/A	Microsoft Surface Hub
Microsoft	N/A	Microsoft SQL Server 2012 pour systèmes x64 Service Pack 4 (QFE)
Microsoft	N/A	Microsoft Exchange Server 2016 Cumulative Update 15
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 2 (GDR)
Microsoft	N/A	Microsoft SQL Server 2014 Service Pack 3 pour systèmes 32 bits (GDR)
Microsoft	N/A	Microsoft SQL Server 2014 Service Pack 3 pour systèmes x64 (CU)

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 10 février 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Exchange Server 2013 Cumulative Update 23",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "ChakraCore",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 2 (CU)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (CU)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2012 pour syst\u00e8mes 32 bits Service Pack 4 (QFE)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (GDR)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2016 Cumulative Update 14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Surface Hub",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2012 pour syst\u00e8mes x64 Service Pack 4 (QFE)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2016 Cumulative Update 15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 2 (GDR)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (GDR)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (CU)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-0710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0710"
    },
    {
      "name": "CVE-2020-0713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0713"
    },
    {
      "name": "CVE-2020-0688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0688"
    },
    {
      "name": "CVE-2020-0767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0767"
    },
    {
      "name": "CVE-2020-0712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0712"
    },
    {
      "name": "CVE-2020-0711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0711"
    },
    {
      "name": "CVE-2020-0618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0618"
    },
    {
      "name": "CVE-2020-0702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0702"
    },
    {
      "name": "CVE-2020-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0692"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-082",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-02-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une ex\u00e9cution de\ncode \u00e0 distance et un contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 10 f\u00e9vrier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2020-AVI-082

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft	N/A	Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 4
Microsoft	N/A	ChakraCore
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 2 (CU)
Microsoft	N/A	Microsoft SQL Server 2014 Service Pack 3 pour systèmes 32 bits (CU)
Microsoft	N/A	Microsoft SQL Server 2012 pour systèmes 32 bits Service Pack 4 (QFE)
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 3
Microsoft	N/A	Microsoft SQL Server 2014 Service Pack 3 pour systèmes x64 (GDR)
Microsoft	N/A	Microsoft Exchange Server 2016 Cumulative Update 14
Microsoft	N/A	Microsoft Surface Hub
Microsoft	N/A	Microsoft SQL Server 2012 pour systèmes x64 Service Pack 4 (QFE)
Microsoft	N/A	Microsoft Exchange Server 2016 Cumulative Update 15
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 2 (GDR)
Microsoft	N/A	Microsoft SQL Server 2014 Service Pack 3 pour systèmes 32 bits (GDR)
Microsoft	N/A	Microsoft SQL Server 2014 Service Pack 3 pour systèmes x64 (CU)

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 10 février 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Exchange Server 2013 Cumulative Update 23",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "ChakraCore",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 2 (CU)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (CU)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2012 pour syst\u00e8mes 32 bits Service Pack 4 (QFE)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (GDR)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2016 Cumulative Update 14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Surface Hub",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2012 pour syst\u00e8mes x64 Service Pack 4 (QFE)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2016 Cumulative Update 15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 2 (GDR)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (GDR)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (CU)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-0710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0710"
    },
    {
      "name": "CVE-2020-0713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0713"
    },
    {
      "name": "CVE-2020-0688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0688"
    },
    {
      "name": "CVE-2020-0767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0767"
    },
    {
      "name": "CVE-2020-0712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0712"
    },
    {
      "name": "CVE-2020-0711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0711"
    },
    {
      "name": "CVE-2020-0618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0618"
    },
    {
      "name": "CVE-2020-0702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0702"
    },
    {
      "name": "CVE-2020-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0692"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-082",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-02-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une ex\u00e9cution de\ncode \u00e0 distance et un contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 10 f\u00e9vrier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2020-ALE-007

Vulnerability from certfr_alerte - Published: - Updated:

[Mise à jour du 18 mars 2020]

Des rapports publiés en source ouverte font état d'un faible taux de mise à jour des serveurs Microsoft Exchange alors que les codes d'exploitation sont disponibles.

Le CERT-FR rappelle qu'il suffit à un attaquant de trouver le compte d'un utilisateur et son mot de passe pour pouvoir compromettre un serveur Microsoft Exchange et ensuite obtenir les droits de l'administrateur de domaine Active Directory du Système d'Information.

Le CERT-FR recommande l'application du correctif dans les plus brefs délais.

[Publication initiale]

Le CERT-FR a connaissance de campagnes de détection de la vulnérabilité CVE-2020-0688 affectant le serveur Exchange de Microsoft. Une campagne de détection fait partie de la phase de reconnaissance qui est préalable à la phase d'exploitation.

Pour rappel, la vulnérabilité CVE-2020-0688 permet une exécution de code arbitraire à distance. Microsoft a publié un correctif de sécurité pour cette vulnérabilité dans le cadre de sa mise à jour mensuelle de février 2020.

Si ce n'est déjà fait, le CERT-FR recommande l'application du correctif dans les plus brefs délais.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

[Précision] Les versions ci-dessous sont les premières à intégrer le correctif pour la vulnérabilité CVE-2020-0688.

Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 14
Microsoft Exchange Server 2016 Cumulative Update 15
Microsoft Exchange Server 2019 Cumulative Update 3
Microsoft Exchange Server 2019 Cumulative Update 4

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2020-0688 du 10 février 2020	None	vendor-advisory
Avis CERT-FR CERTFR-2020-AVI-082 du 11 février 2020	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003e\u003cstrong\u003e[Pr\u00e9cision] Les versions ci-dessous sont les premi\u00e8res \u00e0 int\u00e9grer le correctif pour la vuln\u00e9rabilit\u00e9\u00a0CVE-2020-0688.\u003c/strong\u003e\u003c/p\u003e \u003cul\u003e \u003cli\u003eMicrosoft Exchange Server 2010 Service Pack 3 Update Rollup 30\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2013 Cumulative Update 23\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2016 Cumulative Update 14\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2016 Cumulative Update 15\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2019 Cumulative Update 3\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2019 Cumulative Update 4\u003c/li\u003e \u003c/ul\u003e ",
  "closed_at": "2020-05-05",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0692"
    },
    {
      "name": "CVE-2020-0688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0688"
    }
  ],
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2020-AVI-082 du 11 f\u00e9vrier 2020",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2020-AVI-082/"
    }
  ],
  "reference": "CERTFR-2020-ALE-007",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-02-27T00:00:00.000000"
    },
    {
      "description": "Ajout d\u0027une pr\u00e9cision sur les versions vuln\u00e9rables.",
      "revision_date": "2020-02-28T00:00:00.000000"
    },
    {
      "description": "Elevation de la menace",
      "revision_date": "2020-03-18T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2020-05-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[Mise \u00e0 jour du 18 mars 2020\\]\u003c/strong\u003e\n\nDes rapports publi\u00e9s en source ouverte font \u00e9tat d\u0027un faible taux de\nmise \u00e0 jour des serveurs *Microsoft Exchange* alors que les codes\nd\u0027exploitation sont disponibles.\n\nLe CERT-FR rappelle qu\u0027il suffit \u00e0 un attaquant de trouver le compte\nd\u0027un utilisateur et son mot de passe pour pouvoir compromettre un\nserveur *Microsoft Exchange* et ensuite obtenir les droits de\nl\u0027administrateur de domaine *Active Directory* du Syst\u00e8me d\u0027Information.\n\n\u003cstrong\u003eLe CERT-FR recommande l\u0027application du correctif dans les plus brefs\nd\u00e9lais.\u003c/strong\u003e\n\n\u003cstrong\u003e\\[Publication initiale\\]\u003c/strong\u003e\n\nLe CERT-FR a connaissance de campagnes de d\u00e9tection de la\nvuln\u00e9rabilit\u00e9\u00a0CVE-2020-0688 affectant le serveur Exchange de Microsoft.\nUne campagne de d\u00e9tection fait partie de la phase de reconnaissance qui\nest pr\u00e9alable \u00e0 la phase d\u0027exploitation.\n\nPour rappel, la vuln\u00e9rabilit\u00e9\u00a0CVE-2020-0688\u00a0permet une ex\u00e9cution de code\narbitraire \u00e0 distance. Microsoft a publi\u00e9 un correctif de s\u00e9curit\u00e9 pour\ncette vuln\u00e9rabilit\u00e9 dans le cadre de sa mise \u00e0 jour mensuelle de f\u00e9vrier\n2020.\n\nSi ce n\u0027est d\u00e9j\u00e0 fait, le CERT-FR recommande l\u0027application du correctif\ndans les plus brefs d\u00e9lais.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Exchange Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2020-0688 du 10 f\u00e9vrier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance/advisory/CVE-2020-0688"
    }
  ]
}

CERTFR-2020-ALE-007

Vulnerability from certfr_alerte - Published: - Updated:

[Mise à jour du 18 mars 2020]

Des rapports publiés en source ouverte font état d'un faible taux de mise à jour des serveurs Microsoft Exchange alors que les codes d'exploitation sont disponibles.

Le CERT-FR recommande l'application du correctif dans les plus brefs délais.

[Publication initiale]

Si ce n'est déjà fait, le CERT-FR recommande l'application du correctif dans les plus brefs délais.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

[Précision] Les versions ci-dessous sont les premières à intégrer le correctif pour la vulnérabilité CVE-2020-0688.

Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 14
Microsoft Exchange Server 2016 Cumulative Update 15
Microsoft Exchange Server 2019 Cumulative Update 3
Microsoft Exchange Server 2019 Cumulative Update 4

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2020-0688 du 10 février 2020	None	vendor-advisory
Avis CERT-FR CERTFR-2020-AVI-082 du 11 février 2020	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003e\u003cstrong\u003e[Pr\u00e9cision] Les versions ci-dessous sont les premi\u00e8res \u00e0 int\u00e9grer le correctif pour la vuln\u00e9rabilit\u00e9\u00a0CVE-2020-0688.\u003c/strong\u003e\u003c/p\u003e \u003cul\u003e \u003cli\u003eMicrosoft Exchange Server 2010 Service Pack 3 Update Rollup 30\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2013 Cumulative Update 23\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2016 Cumulative Update 14\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2016 Cumulative Update 15\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2019 Cumulative Update 3\u003c/li\u003e \u003cli\u003eMicrosoft Exchange Server 2019 Cumulative Update 4\u003c/li\u003e \u003c/ul\u003e ",
  "closed_at": "2020-05-05",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0692"
    },
    {
      "name": "CVE-2020-0688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0688"
    }
  ],
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2020-AVI-082 du 11 f\u00e9vrier 2020",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2020-AVI-082/"
    }
  ],
  "reference": "CERTFR-2020-ALE-007",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-02-27T00:00:00.000000"
    },
    {
      "description": "Ajout d\u0027une pr\u00e9cision sur les versions vuln\u00e9rables.",
      "revision_date": "2020-02-28T00:00:00.000000"
    },
    {
      "description": "Elevation de la menace",
      "revision_date": "2020-03-18T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2020-05-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[Mise \u00e0 jour du 18 mars 2020\\]\u003c/strong\u003e\n\nDes rapports publi\u00e9s en source ouverte font \u00e9tat d\u0027un faible taux de\nmise \u00e0 jour des serveurs *Microsoft Exchange* alors que les codes\nd\u0027exploitation sont disponibles.\n\nLe CERT-FR rappelle qu\u0027il suffit \u00e0 un attaquant de trouver le compte\nd\u0027un utilisateur et son mot de passe pour pouvoir compromettre un\nserveur *Microsoft Exchange* et ensuite obtenir les droits de\nl\u0027administrateur de domaine *Active Directory* du Syst\u00e8me d\u0027Information.\n\n\u003cstrong\u003eLe CERT-FR recommande l\u0027application du correctif dans les plus brefs\nd\u00e9lais.\u003c/strong\u003e\n\n\u003cstrong\u003e\\[Publication initiale\\]\u003c/strong\u003e\n\nLe CERT-FR a connaissance de campagnes de d\u00e9tection de la\nvuln\u00e9rabilit\u00e9\u00a0CVE-2020-0688 affectant le serveur Exchange de Microsoft.\nUne campagne de d\u00e9tection fait partie de la phase de reconnaissance qui\nest pr\u00e9alable \u00e0 la phase d\u0027exploitation.\n\nPour rappel, la vuln\u00e9rabilit\u00e9\u00a0CVE-2020-0688\u00a0permet une ex\u00e9cution de code\narbitraire \u00e0 distance. Microsoft a publi\u00e9 un correctif de s\u00e9curit\u00e9 pour\ncette vuln\u00e9rabilit\u00e9 dans le cadre de sa mise \u00e0 jour mensuelle de f\u00e9vrier\n2020.\n\nSi ce n\u0027est d\u00e9j\u00e0 fait, le CERT-FR recommande l\u0027application du correctif\ndans les plus brefs d\u00e9lais.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Exchange Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2020-0688 du 10 f\u00e9vrier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance/advisory/CVE-2020-0688"
    }
  ]
}

FKIE_CVE-2020-0688

Vulnerability from fkie_nvd - Published: 2020-02-11 22:15 - Updated: 2025-10-29 14:27

CISA KEV

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.

References

URL	Tags
secure@microsoft.com	http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688	Patch, Vendor Advisory
secure@microsoft.com	https://www.zerodayinitiative.com/advisories/ZDI-20-258/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-20-258/	Third Party Advisory, VDB Entry
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0688	US Government Resource

Impacted products

Vendor	Product	Version
microsoft	exchange_server	2010
microsoft	exchange_server	2013
microsoft	exchange_server	2016
microsoft	exchange_server	2016
microsoft	exchange_server	2019
microsoft	exchange_server	2019

JSON

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup_30:*:*:*:*:*:*",
              "matchCriteriaId": "276776E0-F9DA-4F18-A984-5E7811465B80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*",
              "matchCriteriaId": "DA166F2A-D83B-4D50-AD0B-668D813E0585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*",
              "matchCriteriaId": "55284CF7-0D04-4216-83FE-4B1F9CA94207",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*",
              "matchCriteriaId": "CA2CE223-AA49-49E6-AC32-59270EFF55AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*",
              "matchCriteriaId": "104F96DC-E280-4E0A-8586-B043B55888C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*",
              "matchCriteriaId": "73B3B3FE-7E85-4B86-A983-2C410FFEF4B8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el software Microsoft Exchange cuando el software no puede manejar apropiadamente los objetos en la memoria, tambi\u00e9n se conoce como \"Microsoft Exchange Memory Corruption Vulnerability\"."
    }
  ],
  "id": "CVE-2020-0688",
  "lastModified": "2025-10-29T14:27:21.400",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2020-02-11T22:15:15.900",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-258/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-258/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0688"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-4G56-8MC7-HPJQ

Vulnerability from github – Published: 2022-05-24 17:08 – Updated: 2025-10-22 00:31

Details

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-0688"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287",
      "CWE-502",
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-02-11T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027.",
  "id": "GHSA-4g56-8mc7-hpjq",
  "modified": "2025-10-22T00:31:50Z",
  "published": "2022-05-24T17:08:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0688"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0688"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-258"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2020-0688

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.

Aliases

CVE-2020-0688

Aliases

CVE-2020-0688

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-0688",
    "description": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027.",
    "id": "GSD-2020-0688",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2020-0688"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-0688"
      ],
      "details": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027.",
      "id": "GSD-2020-0688",
      "modified": "2023-12-13T01:21:45.182748Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2020-0688",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "product": "Microsoft Exchange Server",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Exchange Server Key Validation Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2020-0688",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Microsoft Exchange Server 2013",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Cumulative Update 23"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Exchange Server 2019 Cumulative Update 3",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Exchange Server 2016 Cumulative Update 14",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Exchange Server 2016 Cumulative Update 15",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Exchange Server 2019 Cumulative Update 4",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Microsoft"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote Code Execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688",
            "refsource": "MISC",
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688"
          },
          {
            "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-258/",
            "refsource": "MISC",
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-258/"
          },
          {
            "name": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "cisaActionDue": "2022-05-03",
        "cisaExploitAdd": "2021-11-03",
        "cisaRequiredAction": "Apply updates per vendor instructions.",
        "cisaVulnerabilityName": "Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability",
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup_30:*:*:*:*:*:*",
                    "matchCriteriaId": "276776E0-F9DA-4F18-A984-5E7811465B80",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*",
                    "matchCriteriaId": "DA166F2A-D83B-4D50-AD0B-668D813E0585",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*",
                    "matchCriteriaId": "55284CF7-0D04-4216-83FE-4B1F9CA94207",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*",
                    "matchCriteriaId": "CA2CE223-AA49-49E6-AC32-59270EFF55AD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*",
                    "matchCriteriaId": "104F96DC-E280-4E0A-8586-B043B55888C2",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*",
                    "matchCriteriaId": "73B3B3FE-7E85-4B86-A983-2C410FFEF4B8",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \u0027Microsoft Exchange Memory Corruption Vulnerability\u0027."
          },
          {
            "lang": "es",
            "value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el software Microsoft Exchange cuando el software no puede manejar apropiadamente los objetos en la memoria, tambi\u00e9n se conoce como \"Microsoft Exchange Memory Corruption Vulnerability\"."
          }
        ],
        "id": "CVE-2020-0688",
        "lastModified": "2024-02-13T17:23:13.330",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "integrityImpact": "COMPLETE",
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 8.0,
              "impactScore": 10.0,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2020-02-11T22:15:15.900",
        "references": [
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-258/"
          }
        ],
        "sourceIdentifier": "secure@microsoft.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-287"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-0688 (GCVE-0-2020-0688)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature