Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Microsoft Exchange Server 2019 ProxyLogon KB5000871 CVE-2021-26855

Information

Severity

Severity

High

Family

Family

Windows : Microsoft Bulletins

CVSSv2 Base

CVSSv2 Base

7.5

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

3 years ago

Modified

Modified

3 years ago

Summary

Microsoft Exchange Server is prone to a remote code execution (RCE) vulnerability.

Insight

Insight

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.

Affected Software

Affected Software

- Microsoft Exchange Server 2019

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

The vendor has released updates. Please see the references for more information.

Common Vulnerabilities and Exposures (CVE)