CVE-2020-0688 – Microsoft/Exchange
CVE-2020-0688 is a memory corruption vulnerability impacting Microsoft Exchange. A Metasploit module was observed in open source and subsequently shared in the underground. Security researchers claimed the vulnerability was used in targeted attacks by Egregor ransomware.
Summary:
CVE-2020-0688 is a memory corruption vulnerability impacting Microsoft Exchange. A Metasploit module was observed in open source and subsequently shared in the underground. Security researchers claimed the vulnerability was used in targeted attacks by Egregor ransomware.
PoC Links(if available):
Packet Storm Metasploit module –
https://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html
Known Counter Measures:
Microsoft addressed the vulnerability in a security update by correcting how Microsoft Exchange creates the keys during install.
Links to patches(if available)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688