CVE-2020-0688β€”Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability

PUBLISHEDvulnerability record
2021-11-03 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2020-0688
Project:
Microsoft
Product:
Exchange Server
Date Added:
2021-11-03
Due Date:
2022-05-03
Last Updated:
June 21, 2025

Vulnerability Name

Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability

Description

Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
KNOWN

Action

Apply updates per vendor instructions.

Additional Notes

Related News Articles

Related Weaknesses