tencent cloud

$0 14-Day TrialExperience EdgeOne for acceleration and security protection!

Feedback

Web Application Firewall
DocumentationWeb Application FirewallRelease Notes and Announcements Security AdvisoryNotice for Exchange Server Command Execution Vulnerability
DocumentationWeb Application FirewallRelease Notes and Announcements Security AdvisoryNotice for Exchange Server Command Execution Vulnerability

Notice for Exchange Server Command Execution Vulnerability

Last updated: 2022-06-23 11:14:26
On September 17, 2020, Tencent Security noticed that Microsoft issued a security advisory for a command execution vulnerability in Exchange Server (CVE-2020-16875).
Note:
Microsoft Exchange Server is an email service program offered by Microsoft Corporation, which provides various features such as mail access, storage, forwarding, voice mail, and mail filtering.
The POC of the vulnerability is being circulated on the internet. Tencent Security recommends you upgrade Exchange to the latest version in time and implement asset inspection and protection to avoid attacks by hackers. Tencent Cloud WAF currently supports defense against them.

Vulnerability Details

A remote code execution vulnerability exists in Microsoft Exchange Server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires successful authentication by Exchange. As the Exchange service ran with SYSTEM privileges, an attacker could get the highest privileges of the system by exploiting this vulnerability.

Affected Versions

Microsoft Exchange Server 2016 Cumulative Update 16
Microsoft Exchange Server 2016 Cumulative Update 17
Microsoft Exchange Server 2019 Cumulative Update 5
Microsoft Exchange Server 2019 Cumulative Update 6

Suggestions for Fix

According to the vulnerability advisory, Tencent Security recommends you:
Update to the latest version for fix in time.
Use WAF to detect and block attacks.

References

Catalog

In The Article

Notice for Exchange Server Command Execution Vulnerability

Contact Us

Contact our sales team or business advisors to help your business.

Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

7x24 Phone Support
Hong Kong, China
+852 800 906 020 (Toll Free)
United States
+1 844 606 0804 (Toll Free)
United Kingdom
+44 808 196 4551 (Toll Free)
Canada
+1 888 605 7930 (Toll Free)
Australia
+61 1300 986 386 (Toll Free)
EdgeOne hotline
+852 300 80699
More local hotlines coming soon