Dec 2020: Microsoft Exchange Remote Code Execution Vulnerability
CVE-2020-17144 Published on December 10, 2020
Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Remote Code Execution Vulnerability
Known Exploited Vulnerability
This Microsoft Exchange Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft Exchange Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142.
The following remediation steps are recommended / required by May 3, 2022: Apply updates per vendor instructions.
Weakness Type
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2020-17144 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.
Products Associated with CVE-2020-17144
Want to know whenever a new CVE is published for Microsoft Exchange Server? stack.watch will email you.
Affected Versions
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31:- Before publication is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.