Show filters
106 Total Results
Displaying 1-10 of 106
Sort by:
Attacker Value
Very High

CVE-2020-0688 - Exchange Control Panel Viewstate Deserialization Bug

Disclosure Date: February 11, 2020 (last updated February 14, 2024)
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
5
10
Attacker Value
Very High

Multiple Microsoft Exchange zero-day vulnerabilities - ProxyLogon Exploit Chain

Last updated December 29, 2023
Microsoft disclosed four actively exploited zero-day vulnerabilities being used to attack on-premises versions of Microsoft Exchange Server. The vulnerabilities identified are CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065, all of which affect Microsoft Exchange Server. Exchange Online is not affected. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.
18
2
Attacker Value
Very High

ProxyShell Exploit Chain

Last updated December 28, 2023
ProxyShell is an exploit chain targeting on-premise installations of Microsoft Exchange Server. It was demonstrated by Orange Tsai at Pwn2Own in April 2021 and is comprised of three CVEs that, when chained, allow a remote unauthenticated attacker to execute arbitrary code on vulnerable targets. The three CVEs are CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. Details are available in Orange Tsai's [Black Hat USA 2020 talk](https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-ProxyLogon-Is-Just-The-Tip-Of-The-Iceberg-A-New-Attack-Surface-On-Microsoft-Exchange-Server.pdf) and follow-on [blog series](https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html). ProxyShell is being broadly exploited in the wild as of August 12, 2021.
11
2
Attacker Value
Very High

CVE-2021-26857

Disclosure Date: March 03, 2021 (last updated November 28, 2024)
Microsoft Exchange Server Remote Code Execution Vulnerability
5
1
Attacker Value
Very High

CVE-2021-24085

Disclosure Date: February 25, 2021 (last updated November 28, 2024)
Microsoft Exchange Server Spoofing Vulnerability
7
2
Attacker Value
Very High

CVE-2021-34473

Disclosure Date: July 14, 2021 (last updated November 28, 2024)
Microsoft Exchange Server Remote Code Execution Vulnerability
4
2
Attacker Value
Very High

CVE-2021-26855

Disclosure Date: March 03, 2021 (last updated November 28, 2024)
Microsoft Exchange Server Remote Code Execution Vulnerability
3
2
Attacker Value
High

CVE-2021-28482

Disclosure Date: April 13, 2021 (last updated November 28, 2024)
Microsoft Exchange Server Remote Code Execution Vulnerability
4
1
Attacker Value
High

CVE-2021-33766 ProxyToken

Disclosure Date: July 14, 2021 (last updated November 28, 2024)
Microsoft Exchange Server Information Disclosure Vulnerability
4
1
Attacker Value
Moderate

CVE-2023-36745

Disclosure Date: September 12, 2023 (last updated January 11, 2025)
Microsoft Exchange Server Remote Code Execution Vulnerability
Attack Vector: Adjacent NetworkPrivileges: LowUser Interaction: None
3
2
View More Topics  Next >