A researcher affiliated with Trend Micro’s Zero Day Initiative (ZDI) recently disclosed an authenticated Server-Side Request Forgery (SSRF) zero-day vulnerability within the Microsoft Exchange Server. At the time of writing, the vulnerability was not assigned a CVE identifier. The researcher reported that Microsoft has acknowledged the vulnerability. Microsoft does not plan to release an immediate … Continue reading “Microsoft Exchange Server Authenticated SSRF Vulnerability (Zero Day)”
Tag: Microsoft Exchange Server
Microsoft Exchange Server Zero-day Vulnerabilities (CVE-2022-41040 and CVE-2022-41082) (ProxyNotShell)
Vietnamese cybersecurity outfit GTSC has reported two critical vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 via the Zero-day initiative (ZDI-CAN-18333 and ZDI-CAN-18802). The first flaw (CVE-2022-41040) is a Server-Side Request Forgery (SSRF) vulnerability. The second flaw (CVE-2022-41082) allows remote code execution (RCE) when PowerShell is accessible to the attacker. Microsoft has mentioned in … Continue reading “Microsoft Exchange Server Zero-day Vulnerabilities (CVE-2022-41040 and CVE-2022-41082) (ProxyNotShell)”
Microsoft Exchange Server Remote Code Execution (RCE) Vulnerability (CVE-2021-42321)
Microsoft has released a patch for a highly severe Exchange Server vulnerability in its November 2021 Patch Tuesday. This vulnerability can allow authenticated attackers to execute codes remotely on vulnerable servers. The CVE-2021-42321 security issue is caused by inappropriate validation of command-let (cmdlet) parameters. To execute this vulnerability, the attacker needs to be authenticated. This vulnerability only affects on-premises Microsoft Exchange servers, including those used by users in Exchange Hybrid … Continue reading “Microsoft Exchange Server Remote Code Execution (RCE) Vulnerability (CVE-2021-42321)”
Microsoft Exchange Server Remote Code Execution Vulnerabilities (4 zero days – CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
Microsoft has released patches for the four zero-days exploited in the attacks (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065), discovered during the subsequent investigation. These bugs were observed by Microsoft Threat Intelligence Center (MSTIC) since January 2021. The OS giant, said that Hafnium operators used the four Exchange zero-days as part of a multi-part attack chain to … Continue reading “Microsoft Exchange Server Remote Code Execution Vulnerabilities (4 zero days – CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)”