Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

1 min read

Vulnerability Found in Microsoft Exchange Server

A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time.

Knowledge of the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM.

The security update addresses the vulnerability by correcting how Microsoft Exchange creates the keys during install.

Affected Software / System

Microsoft Exchange Server

CVE (if applicable)

CVE-2020-0688

Type

Remote Code Execution

Exploit Status: Exploited but not Public

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Publicly Disclosed

No

Exploited

No

Latest Software Release

1 - Exploitation More Likely

Older Software Release

1 - Exploitation More Likely

Denial of Service

N/A

 

Rating

8.8 - High

Impact

An attacker could gain code execution on affected Exchange servers by sending a specially crafted e-mail. No other user interaction is required. The code execution occurs at System-level permissions, so the attacker could completely take control of an Exchange server through a single e-mail.

Mitigation


Ingalls recommends the following actions:

HAFNIUM targeting Exchange Servers with 0-day exploits

HAFNIUM targeting Exchange Servers with 0-day exploits

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted...

Read More
Vulnerability in Windows Domain Name System (DNS)

Vulnerability in Windows Domain Name System (DNS)

On July 14, 2020, Microsoft released a security update for the issue described in CVE-2020-1350 | Windows DNS Server Remote Code Execution...

Read More
VMware vCenter Vulnerabilities

VMware vCenter Vulnerabilities

VMWare refers to these two vulnerabilities collectively as VMSA-2021-0010. CVE-2021-21985 - The vSphere Client (HTML5) contains a remote code...

Read More