KLA11664
Multiple vulnerabilities in Microsoft Exchange Server

Updated: 01/18/2022

Detect date ?	02/11/2020
Severity ?	High
Description	Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: An elevation of privilege vulnerability in Microsoft Exchange Server can be exploited remotely to gain privileges. A memory corruption vulnerability in Microsoft Exchange can be exploited remotely via specially crafted email to execute arbitrary code.
Exploitation	Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Affected products	Microsoft Exchange Server 2016 Cumulative Update 14 Microsoft Exchange Server 2016 Cumulative Update 15 Microsoft Exchange Server 2013 Cumulative Update 23 Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30 Microsoft Exchange Server 2019 Cumulative Update 4 Microsoft Exchange Server 2019 Cumulative Update 3
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2020-0692 CVE-2020-0688
Impacts ?	ACE [?] PE [?]
Related products	Microsoft Exchange Server
CVE-IDS ?	CVE-2020-06926.8High CVE-2020-06889.0Critical
KB list	4536988 4536989 4536987
Microsoft official advisories	Microsoft Security Update Guide
	Find out the statistics of the vulnerabilities spreading in your region

KLA11664Multiple vulnerabilities in Microsoft Exchange Server