CVE-2020-17144

Microsoft Exchange Remote Code Execution Vulnerability

CVSS 8.4 HIGHEPSS 36.5%● KEVCWE-502

Vexday Risk Score

83Fix now

SSVC decision (CISA)

Act

Exploitation + impact → act immediately

CVSS 8.4EPSS 36.5%KEV simPoC públicaNuclei —Metasploit —Patch referenciado

Lifecycle

09 Dec 2020Public PoC

09 Dec 2020Published on NVD

03 Nov 2021Active exploitation (CISA KEV)

Recommendation: Patch as soon as possible — active exploitation confirmed.

In short

Microsoft Exchange has a vulnerability that allows attackers to execute malicious code remotely on affected servers. An attacker can exploit this flaw to take full control of the email system and access sensitive data.

Technical detail

This vulnerability involves unsafe deserialization of untrusted data in Microsoft Exchange, allowing remote code execution without authentication. An attacker can send specially crafted requests to trigger arbitrary code execution with SYSTEM privileges, leading to complete server compromise.

Summary generated and translated by AI from the official description.

Microsoft Exchange Remote Code Execution Vulnerability

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

Affected products

Microsoft · Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31

public PoCs found — 2

githubgithub.com/Airboi/CVE-2020-17144-EXP★ 157 githubgithub.com/zcgonvh/CVE-2020-17144★ 157

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17144 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17144 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-17144