Exchange Server: Remote Code Execution Vulnerability CVE-2020-16875

Administrators of Microsoft Exchange Server should patch the remote code execution vulnerability CVE-2020-16875. Details and exploits have now been published, but patches have been available since September 8, 2020.



The vulnerability CVE-2020-16875

A remote code execution vulnerability exists in Microsoft Exchange Server, as Microsoft revealed on the September 2020 patchday. In the vulnerability details for CVE-2020-16875, Microsoft wrote:

A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.

An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.

Microsoft released security updates for the affected products (Exchange Server 2016 and 2019) on September 8, 2020. The respective security update 4577352 addresses the vulnerability by correcting the evaluation of cmdlet arguments in Microsoft Exchange. Microsoft classifies the vulnerability as low risk (Exploitation Less Likely). Patches are available for the following versions:

  • Microsoft Exchange Server 2016 Cumulative Update 16
  • Microsoft Exchange Server 2016 Cumulative Update 17
  • Microsoft Exchange Server 2019 Cumulative Update 5
  • Microsoft Exchange Server 2019 Cumulative Update 6

A security researcher from Source Incite just published this post with PoCs for the vulnerability (I got the tip on Twitter). The vulnerability was reported to Microsoft on May 22nd, 2020 and was fixed as of the September 2020 patchday. In the post, the Source Incite people publish proof-of-concept exploits for the vulnerability, so administrators should make sure that their Exchange servers are patched.

