CVE-2020-10657

Name of the Vulnerable Software and Affected Versions Proofpoint Insider Threat Management Server versions prior to 7.9.1

Description The issue is caused by improper deserialization in the ITM web console's ImportAlertRules feature, allowing a remote attacker with admin or config-admin privileges to execute arbitrary code with local administrator privileges.

Recommendations For versions prior to 7.9.1, update to version 7.9.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the ImportAlertRules feature in the ITM web console to minimize the risk of exploitation.