Companies are delaying in fixing Microsoft Exchange Server vulnerability (CVE-2020-0688) that the software giant repaired with February 2020 Patch Day updates.
The CVE-2020-0688 fault exists in the Exchange Control Panel (ECP) module; the major reason of the problem is that Exchange servers are unable to appropriately generate exclusive keys at install time.
The specialists provided no details on the threat actors that are abusing the susceptibility.
“Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM.” reads the advisory published by Microsoft.
A distant, genuine hacker could exploit the CVE-2020-0688 susceptibility to implement random code with SYSTEM privileges on a server and take full control.
Security specialist Simon Zuckerbraun published technical details on how to abuse the Microsoft Exchange CVE-2020-0688 along with a video PoC.
The susceptibility affects Microsoft Exchange 2010, 2013, 2016, and 2019.
Security firm Kenna Security says that corporations are very slow in highlighting the susceptibility, less than 15% have already fixed it at the moment.
“In order to understand how remediation teams were doing against this critical vulnerability, we pulled a representative sample of remediation data, giving us the rate of open vs closed instances of the vulnerability. This was not encouraging. The vulnerability is currently less than 15% remediated.” reads the report published by Kenna Security. “Looking at the rate of open vs closed instances of the vulnerability, the security firm observed that remediation efforts are at less than 15% at the moment.”
“How many of these are vulnerable? Using the inferred information – we can’t be 100% accurate since there’s no clear indicator that the patch was applied.” continues the report. “But, based on the underlying version, we can label as either “vulnerable” or “potentially vulnerable. ”After doing this labeling, we got the result: 74% vulnerable and 26% potentially vulnerable. This falls in line with the first analysis and is not particularly encouraging.”