CVE-2020-10656
CRITICALProofpoint Insider Threat Management Server <7.9.1 - Code Injection
Title source: llmDescription
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
References (2)
Core 2
Core References
Product x_refsource_misc
https://www.proofpoint.com/us/blog
Vendor Advisory x_refsource_confirm
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0003
Scores
CVSS v3
9.8
EPSS
0.0258
EPSS Percentile
83.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-502
Status
published
Products (1)
proofpoint/insider_threat_management_server
< 7.9.1
Published
Jan 06, 2021
Tracked Since
Feb 18, 2026