Cybersecurity company Volexity has warned that nation-state actors are exploiting a flaw in Microsoft Exchange email servers tracked as CVE-2020-0688.

The experts provided no details on the threat actors that are exploiting the vulnerability.

The CVE-2020-0688 flaw exists in the Exchange Control Panel (ECP) component; the root cause of the problem is that Exchange servers fail to properly create unique keys at install time.

“Knowledge of the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM.” reads the advisory published by Microsoft.

A remote, authenticated attacker could exploit the CVE-2020-0688 vulnerability to execute arbitrary code with SYSTEM privileges on a server and take full control of it.
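The non-unique key condition described above can be audited across a fleet by comparing the `machineKey` validation key in each server's ECP `web.config`. The following is an added example, not code from the advisory or from Microsoft; the host names and key values are constructed placeholders, and it assumes the config files have already been collected from each server.

```python
import hashlib
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample data: hypothetical hosts and placeholder keys, not real Exchange values.
_TEMPLATE = (
    '<configuration><system.web>'
    '<machineKey validationKey="{key}" validation="SHA1" />'
    '</system.web></configuration>'
)
SAMPLE_CONFIGS = {
    "ex01.example.test": _TEMPLATE.format(key="0123ABCD" * 8),
    "ex02.example.test": _TEMPLATE.format(key="0123abcd" * 8),  # same key, different case
    "ex03.example.test": _TEMPLATE.format(key="89EF4567" * 8),
    "ex04.example.test": _TEMPLATE.format(key="AutoGenerate,IsolateApps"),
}


def extract_validation_key(web_config_xml):
    """Return the explicit machineKey validationKey, or None if absent or auto-generated."""
    root = ET.fromstring(web_config_xml)
    node = next(root.iter("machineKey"), None)
    if node is None:
        return None
    key = (node.get("validationKey") or "").strip()
    if not key or key.lower().startswith("autogenerate"):
        return None
    return key.upper()  # hex keys are case-insensitive


def find_shared_keys(configs):
    """Map key fingerprint -> hosts, keeping only keys that appear on more than one host."""
    hosts_by_fp = defaultdict(list)
    for host, xml_text in configs.items():
        key = extract_validation_key(xml_text)
        if key is not None:
            # Report a truncated hash so the key itself never lands in audit output.
            fp = hashlib.sha256(key.encode("ascii")).hexdigest()[:16]
            hosts_by_fp[fp].append(host)
    return {fp: sorted(h) for fp, h in hosts_by_fp.items() if len(h) > 1}


if __name__ == "__main__":
    for fp, hosts in find_shared_keys(SAMPLE_CONFIGS).items():
        print(f"validationKey fingerprint {fp} shared by: {', '.join(hosts)}")
```

Any fingerprint reported for more than one independently installed server indicates that those servers do not have unique validation keys.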

“Similarly, any outside attacker who compromised the device or credentials of any enterprise user would be able to proceed to take over the Exchange server. Having accomplished this, an attacker would be positioned to divulge or falsify corporate email communications at will.” wrote Zuckerbraun. “Accordingly, if you’re an Exchange Server administrator, you should treat this as a Critical-rated patch and deploy it as soon as your testing is complete. Microsoft lists this with an Exploit Index of 1, which means they expect to see exploits within 30 days of the patch release.”

A few weeks ago, the popular security researcher Kevin Beaumont reported mass scanning for the CVE-2020-0688 (Microsoft Exchange 2007+ RCE vulnerability).

Microsoft issued security updates for the CVE-2020-0688 flaw on February 11. At the time, experts advised administrators to patch their servers before attackers could reach them and exploit the issue.

Since the disclosure of the flaw, at least three proof-of-concept exploits have been published online, and nation-state actors have started using them in the wild.
