Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High
Multiple Microsoft Exchange zero-day vulnerabilities - ProxyLogon Exploit Chain
Last updated December 29, 2023
Microsoft disclosed four actively exploited zero-day vulnerabilities being used to attack on-premises versions of Microsoft Exchange Server. The vulnerabilities identified are CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065, all of which affect Microsoft Exchange Server. Exchange Online is not affected.
In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.
18
Attacker Value
Very High
CVE-2024-22729
Disclosure Date: January 25, 2024 (last updated February 02, 2024)
NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via the password parameter on the login page.
2