CVE-2020-16875

CWE-74 CWE-269 — Improper Privilege Management CWE-94 — Code Injection11 documents8 sources

Severity

7.2HIGH

EPSS

86.8%

top 0.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Microsoft Exchange Server 2016 Cumulative Update 16 Microsoft Microsoft Exchange Server 2016 Cumulative Update 17 Microsoft Microsoft Exchange Server 2019 Cumulative Update 5 +2 more

Timeline

PublishedSep 11

Latest updateMay 24

Description

A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised. The security update addresses the vulnerability by correcting how Microsoft Exchange handles cmdlet arguments.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:HExploitability: 1.7 | Impact: 6.0

Affected Packages5 packages

▶CVEListV5microsoft/microsoft_exchange_server_2019_cumulative_update_515.02.0 — publication

▶CVEListV5microsoft/microsoft_exchange_server_2019_cumulative_update_615.02.0 — publication

▶CVEListV5microsoft/microsoft_exchange_server_2016_cumulative_update_1615.01.0 — publication

▶CVEListV5microsoft/microsoft_exchange_server_2016_cumulative_update_1715.01.0 — publication

▶NVDmicrosoft/exchange_server2016, 2019+1

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-5rg4-jqjp-6664: A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments↗2022-05-24

▶

CVEList

Microsoft Exchange Server Remote Code Execution Vulnerability↗2020-09-11

▶

VulnCheck

Microsoft Exchange Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')↗2020

▶

Project0

Project Zero RCA: CVE-2021-26855: Microsoft Exchange Server-Side Request Forgery↗

▶

📋Vendor Advisories

Microsoft

Microsoft Exchange Server Remote Code Execution Vulnerability↗2020-09-08

▶

🕵️Threat Intelligence

Trendmicro

September Patch Tuesday Updates Exchange, SharePoint↗2020-09-09

▶

Trendmicro

September Patch Tuesday Updates Exchange, SharePoint↗2020-09-09

▶

Krebs

Microsoft Patch Tuesday, Sept. 2020 Edition↗2020-09-08

▶