- Release Notes and Announcements
- Release Notes
- Product Announcement
- Security Advisory
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44832)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-45046)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44228)
- Notice for WebLogic Console HTTP RCE Vulnerability
- Notice for Exchange Server Command Execution Vulnerability
- Notice for Yonyou GRP-U8 SQL Injection Vulnerability
- Notice for Apache Cocoon XXE Vulnerability (CVE-2020-11991)
- Notice for WordPress File Manager Arbitrary Code Execution Vulnerability
- Jenkins Security Advisory for September
- Notice for Apache Struts 2 RCE Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)
- Notice for Apache SkyWalking SQL Injection Vulnerability (CVE-2020-13921)
- User Guide
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Best Practice
- FAQS
- Service Level Agreement
- WAF Policy
- Contact Us
- Glossary
- Release Notes and Announcements
- Release Notes
- Product Announcement
- Security Advisory
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44832)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-45046)
- Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44228)
- Notice for WebLogic Console HTTP RCE Vulnerability
- Notice for Exchange Server Command Execution Vulnerability
- Notice for Yonyou GRP-U8 SQL Injection Vulnerability
- Notice for Apache Cocoon XXE Vulnerability (CVE-2020-11991)
- Notice for WordPress File Manager Arbitrary Code Execution Vulnerability
- Jenkins Security Advisory for September
- Notice for Apache Struts 2 RCE Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)
- Notice for Apache SkyWalking SQL Injection Vulnerability (CVE-2020-13921)
- User Guide
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Best Practice
- FAQS
- Service Level Agreement
- WAF Policy
- Contact Us
- Glossary
Notice for Exchange Server Command Execution Vulnerability
Last updated: 2022-06-23 11:14:26
On September 17, 2020, Tencent Security noticed that Microsoft issued a security advisory for a command execution vulnerability in Exchange Server (CVE-2020-16875).
Note:Microsoft Exchange Server is an email service program offered by Microsoft Corporation, which provides various features such as mail access, storage, forwarding, voice mail, and mail filtering.
The POC of the vulnerability is being circulated on the internet. Tencent Security recommends you upgrade Exchange to the latest version in time and implement asset inspection and protection to avoid attacks by hackers. Tencent Cloud WAF currently supports defense against them.
Vulnerability Details
A remote code execution vulnerability exists in Microsoft Exchange Server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires successful authentication by Exchange. As the Exchange service ran with SYSTEM privileges, an attacker could get the highest privileges of the system by exploiting this vulnerability.
Affected Versions
- Microsoft Exchange Server 2016 Cumulative Update 16
- Microsoft Exchange Server 2016 Cumulative Update 17
- Microsoft Exchange Server 2019 Cumulative Update 5
- Microsoft Exchange Server 2019 Cumulative Update 6
Suggestions for Fix
According to the vulnerability advisory, Tencent Security recommends you:
- Update to the latest version for fix in time.
- Use WAF to detect and block attacks.
Yes
No
Was this page helpful?