Elevation of Privilege Vulnerability Affects Microsoft Exchange Server

Summary

The Microsoft Exchange Server vulnerability CVE-2024-21410 has been actively exploited in attacks, allowing attackers to mount pass-the-hash attacks and gain privileges as the victim client to perform operations on the Exchange server. An attacker could exploit the bug to relay a user’s Net-NTLMv2 hash against a vulnerable server and authenticate as that user. The vulnerability has been addressed with the release of Exchange Server 2019 Cumulative Update 14. Check Point also published details on another critical-severity Outlook vulnerability, CVE-2024-21413, which allows attackers to bypass the Office Protected View and execute code remotely. Exploitation of this issue can lead to data theft, malware execution, privilege escalation, and victim impersonation. Both individual users and organizations are advised to apply any patches or security updates provided by Microsoft, to follow recommended security practices, and to remain vigilant against suspicious hyperlinks and emails.

News Articles

Beeping Computers

CVE-2024-21410

Germany warns of 17K vulnerable Microsoft Exchange servers exposed online

The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed online and vulnerable to one or more critical security vulnerabilities.

8 months ago

Help Net Security

CVE-2024-21410CVE-2024-26198

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns - Help Net Security

At least 17,000 instances of Microsoft Exchange servers in Germany - and likely more of them - are vulnerable to one or more critical flaws.

8 months ago

Security Affairs

CVE-2024-21410

CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog.

9 months ago

More News...