CVE-2020-0688 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2020-0688

Microsoft | Exchange ServerAdded 2021-11-03Remediation Deadline 2022-05-03Active Ransomware Campaign

Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability

Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-287

References

https://nvd.nist.gov/vuln/detail/CVE-2020-0688