Exchange Server RCE via static validation key — once you know the key (same for all installs of a given version), any authenticated user can execute arbitrary code. Apply February 2020 patches and rotate Exchange validation keys.
A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →