● Microsoft Exchange Server 2013
● Microsoft Exchange Server 2016
● Microsoft Exchange Server 2019
Exploitation of Microsoft Exchange Server through the ProxyShell vulnerability has been identified. The versions listed above are vulnerable if they have not been updated to the May 2021 Cumulative Update package (KB5003435).
2. CVE-2021-34523 – both had security updates released in April 2021, and
3. CVE-2021-31207, which had a security update released in May 2021.
The vulnerability enables attackers to bypass ACL controls and elevate privileges on the Exchange PowerShell backend, permitting them to perform unauthenticated remote code execution. It could lead to LockFile ransomware infection on a compromised system.
● Exposure of sensitive information
● Service disruption
● Ransomware infections
Apply the latest update to your Exchange server.
The information provided herein is on an "as is" basis, without warranty of any kind.