Shulou(Shulou.com)06/01 Report--

How to carry out Microsoft Exchange remote code execution vulnerability notification, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

Brief introduction of 0x01 vulnerability

On September 09, 2020, 360CERT Monitoring found that Microsoft Exchange issued a risk notice for a vulnerability in the execution of Exchange commands, the vulnerability number is CVE-2020-16875, the vulnerability level is serious, and the vulnerability score is 9.1.

Remote attackers can cause arbitrary command execution effects by constructing special cmdlet parameters.

In this regard, 360CERT recommends that the majority of users upgrade Exchange to the latest version in time. At the same time, please do a good job of asset self-examination and prevention to avoid hacker attacks.

0x02 risk rating

360CERT's assessment of the vulnerability is as follows

Rating method level threat level seriously affects extensive 360CERT score 9.10x03 vulnerability details CVE-2020-16875: command execution vulnerability

A remote code execution vulnerability exists in the Microsoft Exchange server due to incorrect validation of cmdlet parameters. An attacker who successfully exploits this vulnerability can run arbitrary code in the context of a system user. Exploitation of this vulnerability requires user privileges to authenticate to an Exchange role.

0x04 affects version

-microsoft:exchange_server_2016: cu16/cu17

-microsoft:exchange_server_2019: cu5/cu6

0x05 repair recommendation General repair recommendation

Find your own vulnerability patches that match the operating system version through the link below, and download and install the patches.

CVE-2020-16875 | Microsoft Exchange remote code execution vulnerability

Https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16875

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.