9:30am, 10 Mar 2020
TLP Rating: White
Vulnerability in Exchange Server actively exploited
Attackers are exploiting the vulnerability (CVE-2020-0688) to execute commands on Exchange Control Panel (ECP). This allows highly privileged access to an organisation’s email servers by using the credentials of any domain user with a mailbox on the Exchange server.