Lucene search
MicrosoftCVELIST:CVE-2020-0688HistoryFeb 11, 2020 - 9:22 p.m.
CVE-2020-0688
2020-02-1121:22:59
microsoft
www.cve.org
2
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka ‘Microsoft Exchange Memory Corruption Vulnerability’.
CNA Affected
[
{
"product": "Microsoft Exchange Server 2013",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Cumulative Update 23"
}
]
},
{
"product": "Microsoft Exchange Server 2019 Cumulative Update 3",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Exchange Server 2016 Cumulative Update 14",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Exchange Server 2016 Cumulative Update 15",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Exchange Server 2019 Cumulative Update 4",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
]References
packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html
packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688
www.zerodayinitiative.com/advisories/ZDI-20-258/
Related
threatpost
threatpost
DHS Shortens Deadline For Gov Agencies to Fix Critical Flaws
2019-05-01 19:57:27
Amazon Employees Given 'Broad Access' to Personal Alexa Info
2019-04-25 15:55:18
Docker Hub Hack Affects 190K Accounts, with Concerning Consequences
2019-04-29 14:13:23
attackerkb
attackerkb
CVE-2020-0688 - Exchange Control Panel Viewstate Deserialization Bug
2020-02-11 00:00:00
CVE-2020-16875
2020-09-11 00:00:00
CVE-2020-16952 — Microsoft SharePoint Remote Code Execution Vulnerabilities
2020-10-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Exchange Server Remote Code Execution (CVE-2020-0688)
2020-03-01 00:00:00
githubexploit
githubexploit
Exploit for Improper Authentication in Microsoft
2021-01-04 10:48:40
Exploit for Improper Authentication in Microsoft
2020-02-27 02:54:27
Exploit for Improper Authentication in Microsoft
2020-06-12 08:28:35
zdt
zdt
Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution Exploit
2020-03-02 00:00:00
Exchange Control Panel Viewstate Deserialization Exploit
2020-03-05 00:00:00
Background Intelligent Transfer Service Privilege Escalation Exploit
2020-06-12 00:00:00
trendmicroblog
trendmicroblog
zdi
zdi
cisa_kev
cisa_kev
Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability
2021-11-03 00:00:00
taosecurity
taosecurity
If You Can't Patch Your Email Server, You Should Not Be Running It
2020-04-07 15:28:00
exploitpack
exploitpack
Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution
2020-03-02 00:00:00
securelist
securelist
GReAT Ideas follow-up
2020-07-15 10:00:13
Owowa: the add-on that turns your OWA into a credential stealer and remote access panel
2021-12-14 10:00:39
APT trends report Q2 2020
2020-07-29 10:00:09
cisa
cisa
Unpatched Microsoft Exchange Servers Vulnerable to CVE-2020-0688
2020-03-10 00:00:00
metasploit
metasploit
Exchange Control Panel ViewState Deserialization
2020-02-28 02:57:08
cve
cve
CVE-2020-0688
2020-02-11 22:15:15
mskb
mskb
packetstorm
packetstorm
Exchange Control Panel Viewstate Deserialization
2020-03-04 00:00:00
Microsoft Exchange 2019 15.2.221.12 Remote Code Execution
2020-03-02 00:00:00
Background Intelligent Transfer Service Privilege Escalation
2020-06-11 00:00:00
rapid7blog
rapid7blog
Microsoft Exchange 2010 End of Support and Overall Patching Study
2020-09-29 16:05:16
Staying Secure in a Global Cyber Conflict
2022-02-25 01:31:27
Metasploit Wrap-Up
2020-10-09 19:41:47
prion
prion
Remote code execution
2020-02-11 22:15:00
mscve
mscve
Microsoft Exchange Validation Key Remote Code Execution Vulnerability
2020-02-11 08:00:00
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-03-02 08:00:00
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-03-02 08:00:00
mssecure
mssecure
Defending Exchange servers under attack
2020-06-24 16:00:40
canvas
canvas
Immunity Canvas: OWA_RCE
2020-02-11 22:15:00
nvd
nvd
CVE-2020-0688
2020-02-11 22:15:15
exploitdb
exploitdb
Exchange Control Panel - Viewstate Deserialization (Metasploit)
2020-03-05 00:00:00
Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution
2020-03-02 00:00:00
nessus
nessus
Security Updates for Exchange (February 2020)
2020-02-11 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday February 2020
2020-02-13 14:50:34
0daydb
0daydb
Background Intelligent Transfer Service CVE-2020-0787 - Privilege Escalation
2020-06-12 13:15:16
thn
thn
NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers
2021-07-02 06:23:00
NoxPlayer Supply-Chain Attack is Likely the Work of Gelsemium Hackers
2021-06-14 13:34:00
FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape
2022-12-22 13:13:00
kaspersky
kaspersky
KLA11664 Multiple vulnerabilities in Microsoft Exchange Server
2020-02-11 00:00:00
krebs
krebs
Microsoft Patch Tuesday, March 2020 Edition
2020-03-10 23:44:29
Microsoft Patch Tuesday, Sept. 2020 Edition
2020-09-08 21:33:26
Microsoft Patch Tuesday, February 2020 Edition
2020-02-11 23:13:57
hivepro
hivepro
Russian state-sponsored cyber actors targeting U.S. critical infrastructure
2022-02-18 12:20:35
ics
ics
Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
2022-02-24 12:00:00
Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
2022-02-16 12:00:00
Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
2020-10-24 12:00:00
malwarebytes
malwarebytes
Threat profile: Egregor ransomware is making a name for itself
2020-12-15 13:58:58
qualysblog
qualysblog
February 2020 Patch Tuesday – 99 Vulns, 12 Critical, Patch for IE 0-Day, Exchange Vuln, Adobe Vulns
2020-02-11 19:47:15
Qualys Security Advisory: SolarWinds / FireEye
2020-12-22 21:17:31
CISA Alert: Top 15 Routinely Exploited Vulnerabilities
2022-05-06 12:19:24
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00
talosblog
talosblog