CVE-2020-17144: Microsoft Exchange Remote Code Execution Vulnerability
Overview
- Severity
- High (CVSS 8.4)
- CVSS Vector
- CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
- Category
- Remote Code Execution
- Exploit Status
- Not Exploited
- Exploitation Likelihood
- More Likely
- Patch Tuesday
- 2020-Dec
- Released
- 2020-12-08
- EPSS Score
- 92.00% (percentile: 99.7%)
- CISA KEV
- Listed — due 2022-05-03
FAQ
What can cause this vulnerability?
The vulnerability occurs due to improper validation of cmdlet arguments.
Does the attacker need to be in an authenticated role in the Exchange Server?
Yes, the attacker must be authenticated.
Known Exploits (5)
- Microsoft Exchange Server Remote Code Execution Vulnerability — added 2021-01-24T10:44:29+08:00
- Microsoft Exchange Server Remote Code Execution Vulnerability — added 2021-01-24T10:44:29+08:00
- Microsoft Exchange Server Remote Code Execution Vulnerability — added 2021-01-20T09:20:36+08:00
- Microsoft Exchange Server Remote Code Execution Vulnerability — added 2020-12-09T20:57:16Z
- Microsoft Exchange Server Remote Code Execution Vulnerability — added 2020-12-09T10:30:16Z
Detection & Weaponization (1 sources)
Maturity: Exploit
- GitHub PoC: 2 repositories
Affected Products (1)
Server Software
- Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31
Security Updates (1)
Acknowledgments
zcgonvh from A-TEAM of Legendsec at Qi'anxin Group
Revision History
- 2020-12-08: Information published.