The U.S. National Security Agency (NSA) warned about a post-auth remote code execution vulnerability in all supported Microsoft Exchange Server servers via a tweet published on the agency's Twitter account.
NSA's tweet
reminded followers to patch the CVE-2020-0688 vulnerability which would enable potential attackers to execute commands on vulnerable Microsoft Exchange servers using email credentials.
Microsoft patched this RCE security flaw as part of the
February 2020 Patch Tuesday and tagged it with an "Exploitation More Likely" exploitability index assessment hinting at CVE-2020-0688 being an attractive target for attackers.
State-backed hackers already attacking Microsoft Exchange servers
The same day, researchers at security firm
Volexity confirmed that exploitation of this security flaw has begun in late February, with several organizations already having had their networks compromised after state-backed advanced persistent threats (APT) groups exploited the CVE-2020-0688 flaw.
... ... ...