CVE-2020-0688 – Microsoft / Exchange – Memory corruption

January 2, 2021

CVE-2020-0688 is a memory corruption vulnerability impacting Microsoft Exchange. A Metasploit module was observed in open source and subsequently shared in the underground. Security researchers claimed the vulnerability was used in targeted attacks by Egregor ransomware.

Summary:

CVE-2020-0688 is a memory corruption vulnerability impacting Microsoft Exchange. A Metasploit module was observed in open source and subsequently shared in the underground. Security researchers claimed the vulnerability was used in targeted attacks by Egregor ransomware.

PoC Links(if available):

Packet Storm Metasploit module –
https://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html

Known Counter Measures:

Microsoft addressed the vulnerability in a security update by correcting how Microsoft Exchange creates the keys during install.

Links to patches(if available)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688

You may have missed

CISA Logo

CISA: Cisco Releases Security Advisories for Cisco Integrated Management Controller

April 19, 2024
alerts

Cryptographic Vulnerability in PuTTY

April 19, 2024
Basta

Black Basta Ransomware Victim: fluenthome[.]com

April 19, 2024
Basta

Black Basta Ransomware Victim: macphie[.]com

April 19, 2024
Basta

Black Basta Ransomware Victim: columbiapipe[.]com

April 19, 2024