Wednesday, October 27, 2021

PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers

In August 2021, Mandiant Managed Defense identified and responded to the exploitation of a chain of vulnerabilities known as ProxyShell. The ProxyShell vulnerabilities consist of three CVEs (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) affecting the following versions of on-premises Microsoft Exchange Servers.

Exchange Server 2013 (Cumulative Update 23 and below)

Exchange Server 2016 (Cumulative Update 20 and below)

Exchange Server 2019 (Cumulative Update 9 and below)

The vulnerabilities …

Read More

Latest news
Related news