Based on a Rapid7 survey more than 357 thousand Exchange Servers are vulnerable to a latest RCE vulnerability which allows an attacker to use an Exchange user account to compromise the system) which. The bug responsible resides in the Exchange Control Panel (ECP) which can be used to manage mailboxes, distribution groups, contacts and several other objects at the Organization level.
Based on Rapid7 Project Sonar survey report more than 433,464 Exchange servers found to be online, at least 357,629 (82.5%) found to be vulnerable.
Microsoft published a security update guide on 02/11/2020 for CVE-2020-0688 and it states that:
A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time.
Knowledge of the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM.
The security update addresses the vulnerability by correcting how Microsoft Exchange creates the keys during install.
Your organization will need to apply the appropriate security updates depending on the software version being used.
