← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-0688 — Actively Exploited: Exchange Server (Microsoft)

Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.

CVE IDCVE-2020-0688
VendorMicrosoft
ProductExchange Server
Vulnerability nameMicrosoft Exchange Server Validation Key Remote Code Execution Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionMicrosoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →