CVE-2020-10656

Name of the Vulnerable Software and Affected Versions Proofpoint Insider Threat Management Server versions prior to 7.9.1

Description The issue allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. This is caused by improper deserialization in the ITM application server's "WriteWindowMouseWithChunksV2" API endpoint.

Recommendations For versions prior to 7.9.1, update to version 7.9.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the "WriteWindowMouseWithChunksV2" API endpoint until a patch is applied.