CVE-2020-0688 – Microsoft/Exchange

Click the icon to Follow me:- twitterTelegramRedditDiscord


CVE-2020-0688 is a memory corruption vulnerability impacting Microsoft Exchange. A Metasploit module was observed in open source and subsequently shared in the underground. Security researchers claimed the vulnerability was used in targeted attacks by Egregor ransomware.

PoC Links(if available):

Packet Storm Metasploit module –

Known Counter Measures:

Microsoft addressed the vulnerability in a security update by correcting how Microsoft Exchange creates the keys during install.

Links to patches(if available)