Security News > 2023 > November > New Microsoft Exchange zero-days allow RCE, data theft attacks

Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
ZDI-23-1578 - A remote code execution flaw in the 'ChainedSerializationBinder' class, where user data isn't adequately validated, allowing attackers to deserialize untrusted data.
Attackers can exploit it to access sensitive information from Exchange servers.