Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug
Latest in cybersecurity.
A researcher has released a proof-of-concept exploit code for an actively exploited vulnerability affecting Microsoft Exchange servers.
The CVE-2021-42321 is a high-severity remote code execution issue that occurs due to improper validation of cmdlet arguments. Microsoft pointed out that the flaw can be exploited only by an authenticated attacker.
Microsoft addressed the flaw with the release of Microsoft Patch Tuesday security updates for November 2021, the vulnerability impacts on-premises Exchange Server 2016 and Exchange Server 2019.
“We are aware of limited targeted attacks in the wild using one of vulnerabilities (CVE-2021-42321), which is a post-authentication vulnerability in Exchange 2016 and 2019. Our recommendation is to install these updates immediately to protect your environment.” read the announcement published by Microsoft. “These vulnerabilities affect on-premises Microsoft Exchange Server, including servers used by customers in Exchange Hybrid mode. Exchange Online customers are already protected and do not need to take any action.”
“As many ppl requested, Here is the PoC of CVE-2021-42321, Exchange Post-Auth RCE This PoC just pop mspaint.exe on the target, can be use to recognize the signature pattern of a successful attack event” wrote the researcher on Twitter.
via Security Affairs https://ift.tt/2ISWpiN
November 23, 2021 at 09:20AM