The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
References
Link | Resource |
---|---|
https://www.proofpoint.com/us/blog | Product |
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0003 | Vendor Advisory |
Configurations
Information
Published : 2021-01-06 06:15
Updated : 2021-01-08 12:40
NVD link : CVE-2020-10656
Mitre link : CVE-2020-10656
JSON object : View
CWE
CWE-502
Deserialization of Untrusted Data
Products Affected
proofpoint
- insider_threat_management_server