Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

A critical Microsoft Exchange Server Remote Code Execution Vulnerability with a CVSS 3.1 score of 9.8 was released.

An attacker who successfully exploits this vulnerability can run arbitrary code in the context of the system user. The exploitation of this vulnerability requires an authenticated user in a certain exchange role to be compromised. Even though no exploit regarding this vulnerability has been discovered, due to its severity/criticality, it is highly recommended that the following patches are downloaded to ensure the safety of systems/assets.

Affected Systems

The following servers/systems are affected by this vulnerability;

• Microsoft Exchange Server 2019 Cumulative Update 10
• Microsoft Exchange Server 2016 Cumulative Update 21
• Microsoft Exchange Server 2013 Cumulative Update 23
• Microsoft Exchange Server 2016 Cumulative Update 20
• Microsoft Exchange Server 2019 Cumulative Update 9

IoC’s

-

Recommended Solution(s)

Organizations using the following products are recommended to download the patches in the table below.

CVE / CWE

CVE-2021-31206

Related Website(s)

• https://nvd.nist.gov/vuln/detail/CVE-2021-31206
• https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31206
• https://www.zerodayinitiative.com/advisories/ZDI-21-826/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31206

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.