CVE-2020-0688 – Microsoft/Exchange

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

CVE-2020-0688 is a memory corruption vulnerability impacting Microsoft Exchange. A Metasploit module was observed in open source and subsequently shared in the underground. Security researchers claimed the vulnerability was used in targeted attacks by Egregor ransomware.

PoC Links(if available):

Packet Storm Metasploit module –
https://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html

Known Counter Measures:

Microsoft addressed the vulnerability in a security update by correcting how Microsoft Exchange creates the keys during install.

Links to patches(if available)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688