Rewterz Threat Advisory – CVE-2020-16875 – Microsoft Exchange Server Remote Code Execution Vulnerability

NetWalker Ransomware Hits K-Electric

September 13, 2020

Rewterz Threat Advisory – CVE-2020-13920 – Apache ActiveMQ man-in-the-middle Attack

September 14, 2020

Rewterz Threat Advisory – CVE-2020-16875 – Microsoft Exchange Server Remote Code Execution Vulnerability

Severity

High

Analysis Summary

CVE-2020-16875

A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.

Impact

Remote Code Execution

Affected Vendors

Microsoft

Affected Products

Microsoft Exchange server

Remediation

Refer to Microsoft advisory for the list of affected products and their respective patches.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16875

NetWalker Ransomware Hits K-Electric

Rewterz Threat Advisory – CVE-2020-13920 – Apache ActiveMQ man-in-the-middle Attack

Rewterz Threat Advisory – CVE-2020-16875 – Microsoft Exchange Server Remote Code Execution Vulnerability

Severity

Analysis Summary

CVE-2020-16875

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan