CVE-2020-17084: Buffer Overflow in Microsoft Exchange Server
Virsec Security Research Lab Vulnerability Report
The Virsec Security Research Lab, helmed by Virsec CTO, Satya Gupta, provides timely, relevant analysis about prevalent security vulnerabilities.
1.1 Vulnerability Summary
These are very early days for this vulnerability and not enough public information has been released into the NVD database. This Microsoft Exchange Server Remote Code Execution Vulnerability has been confirmed by Microsoft. They state in the referenced link that a detailed report exists, and functional reproduction is possible. Their analysis of the source code confirms the assertions of the researcher, Steven Seeley, who submitted the vulnerability.
Watch the video to learn more about this and other important vulnerabilities.
1.2 CVSS Score
The CVSS Base Score is 8.8 (High)
1.3 Affected Version
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 18
Microsoft Exchange Server 2019 Cumulative Update 7
Microsoft Exchange Server 2016 Cumulative Update 17
Microsoft Exchange Server 2019 Cumulative Update 6
1.4 Vulnerability Attribution
Steven Seeley of Source Incite
1.5 Risk Impact
This vulnerability has been assigned CWE 120 (classic buffer overflow). As a result, an attacker can execute arbitrary and malicious code on the server. From the details of the CVSS score, users with even low privileges can leverage the vulnerability. Had publicly disclosed vulnerabilities existed at his time, the risk level would have been critical. Public exploit is not available.
1.6 Virsec Security Platform (VSP) Support:
The Virsec Security Platform (VSP)- Host running on the server can protect against malicious code running on the attacked Exchange Server. VSP-Mem also protects against Buffer Overflow vulnerabilities.
1.7 Reference Links:
- https://nvd.nist.gov/vuln/detail/CVE-2020-17084
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17084
- https://srcincite.io/about/
Download the full vulnerability report to learn more about this and other important vulnerabilities.
The post CVE-2020-17084: Buffer Overflow in Microsoft Exchange Server appeared first on Virsec Systems.
*** This is a Security Bloggers Network syndicated blog from Blog – Virsec Systems authored by Satya Gupta. Read the original post at: https://virsec.com/cve-2020-17084-buffer-overflow-in-microsoft-exchange-server/
