Microsoft Exchange Server 2019 ProxyLogon KB5000871 CVE-2021-26855
Information
Severity
Family
CVSSv2 Base
CVSSv2 Vector
Solution Type
Created
Modified
Summary
Microsoft Exchange Server is prone to a remote code execution (RCE) vulnerability.
Insight
Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.
Affected Software
- Microsoft Exchange Server 2019
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
The vendor has released updates. Please see the references for more information.
Common Vulnerabilities and Exposures (CVE)
References
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-2
- https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-e
- https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-r
- https://blogs.microsoft.com/on-the-issues/2021/03/02/new-nation-state-
- https://techcommunity.microsoft.com/t5/exchange-team-blog/released-mar
- https://www.volexity.com/blog/2021/03/02/active-exploitation-of-micros
- https://proxylogon.com/
- https://support.microsoft.com/en-us/topic/description-of-the-security-
- https://support.microsoft.com/en-us/topic/description-of-the-security-