CVE-2020-0688CISA KEV: Actively Exploited

Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability

Published Nov 3, 2021·Updated Nov 3, 2021

Description

Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.

Public Exploits & PoCs26 found

PoC: CVE-2020-0688

Exploit and detect tools for CVE-2020-0688

326

PoC: cve-2020-0688

cve-2020-0688

304

PoC: cve-2020-0688

cve-2020-0688

159

PoC: CVE-2020-0688_EXP

CVE-2020-0688_EXP Auto trigger payload & encrypt method

145

PoC: CVE-2020-0688

CVE-2020-0688 - Exchange

64

PoC: CVE-2020-0688-Scanner

Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.

38

PoC: cve-2020-0688-webshell-upload-technique

cve-2020-0688 UNIVERSAL Python implementation utilizing ASPX webshell for command output

18

PoC: CVE-2020-0688

Exploitation Script for CVE-2020-0688 "Microsoft Exchange default MachineKeySection deserialize vulnerability"

12

PoC: CVE-2020-0688

CVE-2020-0688

11

PoC: CVE-2020-0688

Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys

10

PoC: ecp_slap

CVE-2020-0688 PoC

9

PoC: CVE-2020-0688

Vulnerability scanner for CVE-2020-0688

8

PoC: PSForgot2kEyXCHANGE

PoC for Forgot2kEyXCHANGE (CVE-2020-0688) written in PowerShell

5

PoC: CVE-2020-0688

[CVE-2020-0688] Microsoft Exchange Server Fixed Cryptographic Key Remote Code Execution (RCE)

4

PoC: CVE-2020-0688

PoC RCE Reverse Shell for CVE-2020-0688

4

PoC: Exploit_CVE-2020-0688

CVE-2020-0688 "Microsoft Exchange default MachineKeySection deserialize vulnerability"

4

PoC: CVE-2020-0688

Exchange Scanner CVE-2020-0688

4

PoC: CVE-2020-0688-Scanner

Scans for Microsoft Exchange Versions with masscan

2

PoC: cve-2020-0688

I made this script for conducting CVE-2020-0688 more rapidly. It helps to improve checking the vuln, reducing hugely steps for that

2

PoC: CVE-2020-0688-GUI

GUI Exploit Tool for CVE-2020-0688(Microsoft Exchange default MachineKeySection deserialize vulnerability)

1

PoC: Cyber-Attack-Analysis

A deep-dive security analysis into the 2020 Virgin Mobile KSA data breach. This study dissects the exploitation of CVE-2020-0688, evaluates the impact of delayed patch management, and proposes a robust multi-layered defense architecture to prevent sophisticated exfiltration tactics.

PoC: CVE-2020-0688

CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server Through Fixed Cryptographic Keys

PoC: CVE-2020-0688-Exchange2010

CVE-2020-0688 modified exploit for Exchange 2010

PoC: CVE-2020-0688-Python3

Exploit updated to use Python 3.

PoC: CVE-2020-0688

CVE-2020-0688_Microsoft Exchange default MachineKeySection deserialize vulnerability

PoC: proxylogon

事件: 微軟(Microsoft)上周公布了修補遭到駭客攻擊的 Exchange Server 漏洞,全球恐有數萬個組織受到影響。網域與被入侵的Exchange郵件伺服器有關,而這臺伺服器後來被駭客當作C&C中繼站使用,導致接下來發生加密攻擊事故。 嚴重性: 全球企業普遍使用微軟生態系執行日常業務,若遭受駭客攻擊,將造成用戶機敏資料外洩並導致極大損失。雖然微軟已推出更新補釘,但阿戴爾強調這尚未去除儲存在受害伺服器內的後門殼層(webshell),因此就算尚未受到攻擊的企業可以免於被駭風險,駭客仍有時間入侵已被駭的伺服器留下「定時炸彈」。 從2020年開始,美國便不斷指控中國入侵多家醫藥公司及學術單位,試圖竊取疫苗研發機密,這次事件很可能將使中美之間的關係進一步惡化。至於華為、TikTok等中國服務是否會受到這次駭客事件波及,則暫時還不明朗。 漏洞通報程序: 在2年前,曾經拿下資安圈漏洞奧斯卡獎Pwnie Awards「最佳伺服器漏洞獎」戴夫寇爾首席資安研究員Orange Tsai(蔡政達),漏洞通報記錄不勝枚舉,後來因為針對企業常用的SSL VPN進行漏洞研究與通報,更是在全球資安圈聲名大噪。 不過,

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free