CVE-2020-10655

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.

Published: Jan 6, 2021
Updated: Apr 13, 2023
CVE: CVE-2020-10655
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-502

OWASP TOP 10:

A8 - Insecure Deserialization

Affected Software
References

Software	From	Fixed in
proofpoint / insider_threat_management_server	-	7.9.1

https://www.proofpoint.com/us/blog
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0003

Vulnerability Database

289,871

CVE-2020-10655