Show filters
8 Total Results
Displaying 1-8 of 8
Sort by:
Attacker Value
Very High

Multiple Microsoft Exchange zero-day vulnerabilities - ProxyLogon Exploit Chain

Last updated February 09, 2022
Microsoft disclosed four actively exploited zero-day vulnerabilities being used to attack on-premises versions of Microsoft Exchange Server. The vulnerabilities identified are CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065, all of which affect Microsoft Exchange Server. Exchange Online is not affected. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.
17
2
Attacker Value
Very High

CVE-2021-26855

Disclosure Date: March 03, 2021 (last updated March 03, 2021)
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
2
2
Attacker Value
Very High

CVE-2021-26857

Disclosure Date: March 03, 2021 (last updated July 27, 2021)
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
4
1
Attacker Value
Very High

CVE-2021-27065

Disclosure Date: March 03, 2021 (last updated July 27, 2021)
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27078.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
1
2
Attacker Value
Unknown

CVE-2021-26858

Disclosure Date: March 03, 2021 (last updated July 27, 2021)
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-27078

Disclosure Date: March 03, 2021 (last updated March 09, 2021)
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-26854

Disclosure Date: March 03, 2021 (last updated March 10, 2021)
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-26412

Disclosure Date: March 03, 2021 (last updated March 10, 2021)
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0