CVE-2020-17144: Microsoft Exchange Remote Code Execution Vulnerability Alert

In its December security update, Microsoft disclosed a remote code execution vulnerability (CVE-2020-17144) in Microsoft Exchange Server 2010, which is officially rated High.

The vulnerability is caused by improper validation of cmdlet parameters. An authenticated attacker can exploit it to achieve remote code execution.

This vulnerability is similar to CVE-2020-0688 in that it requires a login before it can be exploited. However, exploitation does not require the cleartext password; the account's NT hash is sufficient.

Detailed analysis and exploitation details for this vulnerability are now public, and affected users are advised to take measures to avoid the risk as soon as possible.

Affected version

  • Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31

Solution

We recommend that users promptly upgrade Microsoft Exchange Server 2010 Service Pack 3 to the latest version.