Vulnerabilities > CVE-2020-10656 - Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |