How can we help?
Published: 14th July 2021 | In: Threat Intelligence & Guidance
Wednesday 14th July 2021. A “very critical”¹ vulnerability has been identified within several versions of Microsoft Exchange Server. Quorum Cyber have produced the below Quick Info to get you up to speed with what you need to know.
What is it?
A “very critical” vulnerability has been identified within several versions of Microsoft Exchange Server. Proof of Concept (PoC) exploitation of the vulnerability has been described as easy, with attacks being initiated remotely and not requiring any form of authentication in order to achieve successful exploitation.
Technical details and an exploit are NOT currently publicly available. However, Microsoft have released a patch as part of the July 2021 Patch Tuesday batch. Given the disclosure of the vulnerability and the availability of the patch, malicious actors may reverse engineer the patch in order to better understand the vulnerability and create their own exploits.
What is the impact?
This vulnerability could be used to allow an unauthenticated user to perform remote code execution on Microsoft Exchange Servers.
Are my systems vulnerable?
The following Microsoft Exchange Servers are affected:
- Microsoft Exchange Server 2019 Cumulative Update 9
- Microsoft Exchange Server 2013 Cumulative Update 23
- Microsoft Exchange Server 2019 Cumulative Update 8
- Microsoft Exchange Server 2016 Cumulative Update 19
- Microsoft Exchange Server 2016 Cumulative Update 20
How do I mitigate this threat?
The patch issued by Microsoft on 13/07/2021 is believed to be effective in remediating this vulnerability.
¹ Quoted from VulDB