Advisory No: TZCERT/SA/2021/08/24
Date of First Release: 24th August 2021
- Microsoft Exchange Server 2019
- Microsoft Exchange Server 2016
- Microsoft Exchange Server 2013
Microsoft Exchange Server contains remote code execution vulnerabilities as a result of improper input validation. Exploitation attempts leverage the latest line of “ProxyShell” Microsoft Exchange vulnerabilities.
Vulnerabilities exist in a way Microsoft Exchange Servers handle Uniform Resource Identifier (URI) validation, user-supplied data validation and validation of access token. An attacker can exploit the flaws to bypass ACL controls, elevate privileges and perform unauthenticated, remote code execution.
Successful exploitation of these vulnerabilities may allow an attacker to take control of the affected system.
Microsoft has issued security updates to address the affected products. Users and administrators are advised to apply necessary updates.