CVE-2020-17084 Buffer Overflow in Microsoft Exchange Server
Virsec Security Research Lab Vulnerability Analysis
The Virsec Security Research Lab provides detailed analysis on recent and notable security vulnerabilities
These are very early days for this vulnerability and not enough public information has been released into the NVD database. This Microsoft Exchange Server Remote Code Execution Vulnerability has been confirmed by Microsoft. They state in the referenced link that a detailed report exists, and functional reproduction is possible. Their analysis of the source code confirms the assertions of the researcher, Steven Seeley, who submitted the vulnerability.
Watch the video to learn more about this and other important vulnerabilities.
The CVSS Base Score is 8.8 (High)
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 18
Microsoft Exchange Server 2019 Cumulative Update 7
Microsoft Exchange Server 2016 Cumulative Update 17
Microsoft Exchange Server 2019 Cumulative Update 6
Steven Seeley of Source Incite
This vulnerability has been assigned CWE 120 (classic buffer overflow). As a result, an attacker can execute arbitrary and malicious code on the server. From the details of the CVSS score, users with even low privileges can leverage the vulnerability. Had publicly disclosed vulnerabilities existed at his time, the risk level would have been critical. Public exploit is not available.
Virsec Security Platform (VSP) Support
The Virsec Security Platform (VSP)- Host running on the server can protect against malicious code running on the attacked Exchange Server. VSP-Mem also protects against Buffer Overflow vulnerabilities.
Download the full vulnerability report to learn more about this and other important vulnerabilities.