CVE-2020-10658

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
Configurations

Configuration 1

cpe:2.3:a:proofpoint:insider_threat_management_server:*:*:*:*:*:*:*:*

Information

Published : 2021-01-06 02:15

Updated : 2021-01-08 08:32


NVD link : CVE-2020-10658

Mitre link : CVE-2020-10658

Products Affected
No products.
CWE
CWE-502

Deserialization of Untrusted Data