Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-42321

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Exchange Server 2016 Cumulative Update 21; Microsoft Exchange Server 2019 Cumulative Update 10; Microsoft Exchange Server 2016 Cumulative Update 22; Microsoft Exchange Server 2019 Cumulative Update 11
Vendor: CVE Published:; 10 November 2021

🔔 Create Microsoft Vulnerability Alert

Badges

💰 Ransomware👾 Exploit Exists🟡 Public PoC🟣 EPSS 93%🦅 CISA Reported

What is CVE-2021-42321?

Microsoft Exchange Server Remote Code Execution Vulnerability

CISA has reported CVE-2021-42321

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2021-42321 as being exploited and is known by the CISA as enabling ransomware campaigns.

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

Microsoft Exchange Server 2016 Cumulative Update 21 x64-based Systems 15.01.0 < 15.01.2308.020

Microsoft Exchange Server 2016 Cumulative Update 22 x64-based Systems 15.0.0 < 15.01.2375.017

Microsoft Exchange Server 2019 Cumulative Update 10 x64-based Systems 15.02.0 < 15.02.0792.019

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2021-42321
Created by DarkSprings

exch_CVE-2021-42321
Created by 7BitsTeam

exchange_tools
Created by gmeier909