MS Exchange Validation Key Remote Code Execution Vulnerability

MS Exchange Validation Key Remote Code Execution Vulnerability

On February 11, 2020, Microsoft published a vulnerability that could cause remote code execution in the Exchange e-mail server.

Knowing the authentication key allows a verified mailbox user to serialize any object that will be run by the web application with the SYSTEM user and send it to the web application.

SOLUTION/RECOMMENDATION

Security updates published by Microsoft; It must be implemented urgently on all relevant servers before any security incident occurs. Using vulnerability detection systems, all systems should be scanned for this vulnerability and the detected servers should be improved as soon as possible. In addition, if possible, it will be useful to activate signatures related to this vulnerability in security devices.

Before moving on to all systems, it is recommended that the update must be tested to avoid any interruptions over the service.

Operating Systems

• Microsoft Exchange Server

Versions

• Microsoft Exchange Server 2019, Microsoft Exchange Server 2016, Microsoft Exchange Server 2013, Microsoft Exchange Server 2010

CVE / CWE

CVE-2020-0688

Additional Information

1. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688
2. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0688