CVE-2021-42321
Microsoft Exchange Server Remote Code Execution Vulnerability
In short
A critical vulnerability in Microsoft Exchange Server allows attackers to execute arbitrary code remotely without authentication. This can give attackers complete control over email servers and the data they contain.
Technical detail
Unauthenticated remote code execution in Microsoft Exchange Server via deserialization of untrusted data in the Unified Messaging service. The vulnerability requires network access to the affected service and allows an attacker to execute arbitrary code with the privileges of the Exchange process.
Summary generated and translated by AI from the official description.
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
Microsoft · Microsoft Exchange Server 2016 Cumulative Update 21Microsoft · Microsoft Exchange Server 2016 Cumulative Update 22Microsoft · Microsoft Exchange Server 2019 Cumulative Update 10Microsoft · Microsoft Exchange Server 2019 Cumulative Update 11public PoCs found — 4
githubgithub.com/DarkSprings/CVE-2021-42321★ 83githubgithub.com/7BitsTeam/exch_CVE-2021-42321★ 10cve_referencepacketstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.htmlunverifiedcve_referencepacketstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.htmlhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42321