9:30am, 10 Mar 2020

TLP Rating: White

Vulnerability in Exchange Server actively exploited

Attackers are exploiting the vulnerability (CVE-2020-0688) to execute commands on Exchange Control Panel (ECP). This allows highly privileged access to an organisation’s email servers by using the credentials of any domain user with a mailbox on the Exchange server.