Recently, the security experts have reported that over 247,000 exchange servers are vulnerable to actively exploited the bug.
The security experts have named the vulnerability as CVE-2020-0688; this vulnerability is a post-auth remote code execution (RCE) that are affecting all the Exchange Server versions that are under maintenance.
The CVE-2020-0688 RCE flaw survives in the Exchange Control Panel (ECP) segment, which allowed in default configurations, and also allows potential threat actors to remotely hijack the vulnerable Exchange servers utilizing any valid email credentials.
Over 61% of Servers are Vulnerable
The number of detected Exchange servers that are exposed to threat actors is trying to exploit the CVE-2020-0688 vulnerability. Moreover, Rapid7 once again executed the use of its Project Sonar internet-wide survey instrument for different headcount.
There are over 61% of vulnerable servers that include the Exchange 2010, 2013, 2016, and 2019, in which the security holes are being left unpatched and exposed to continuous strikes.
Rapid7 report also states that 87% of nearly 138,000 Exchange 2016 servers and 77% of nearby 25,000 Exchange 2019 servers were left open to CVE-2020-0688 exploits, and approximately 54,000 Exchange 2010 servers have not been updated in six years.
The cybersecurity experts have provided some recommendations that are to be followed by the users carefully, and here they are:-
- Businesses that are applying Exchange 2010 or newer should violently attempt to upgrade their surroundings according to the approved technologies.
- Businesses that are using Exchange 2013 should guarantee that they have a plan and timeline for updating to recommended technologies by April 11, 2023.
- Always keep in mind that the most advanced version of Windows Server that 2013 carries are also working EoS that year, so the method may propose all-new server OSes into the surroundings as well.
- Businesses that are applying Exchange 2016 or on-premises 2019 should secure their Exchange environment up-to-date and ensure that there are a plan and process to keep it updated.
- Companies that are applying Exchange that are hosted by a non-Microsoft vendor should guarantee the merchant that they have a plan and process for holding the software up-to-date. And they should also confirm that all this is being done and operate the vendor accountable if not.
- Support vulnerability administration tools and other types of tools to identify when Exchange surroundings lack updates. Updates are especially helpful when Exchange version numbers cannot be reliably confirmed.
Apart from this, the security experts are still trying their best to operate all the details regarding this vulnerability; till then, the experts recommended all the organizations to follow the recommendations that they have provided.