Rewterz Threat Advisory – CVE-2020-17083 – Microsoft Exchange Server code execution
November 11, 2020Rewterz Threat Advisory – CVE-2020-8269 – Citrix Virtual Apps and Desktops privilege escalation
November 11, 2020Rewterz Threat Advisory – CVE-2020-17083 – Microsoft Exchange Server code execution
November 11, 2020Rewterz Threat Advisory – CVE-2020-8269 – Citrix Virtual Apps and Desktops privilege escalation
November 11, 2020Severity
High
Analysis Summary
Microsoft Azure Sphere could allow a local attacker to execute arbitrary code on the system. The vulnerability exists due to improper input validation. A local attacker can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Impact
System compromise
Affected Vendors
Microsoft
Affected Products
Microsoft Azure Sphere
Remediation
Refer to Microsoft advisory for the complete list of affected products and their respective patches.
https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2020-16994