Arbitrary Code Execution Vulnerability in Proofpoint Insider Threat Management Server

Arbitrary Code Execution Vulnerability in Proofpoint Insider Threat Management Server

CVE-2020-10656 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.

Learn more about our Cis Benchmark Audit For Server Software.