Security News > 2024 > February > Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
2024-02-15 05:19
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. Tracked as CVE-2024-21410 (CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server. "An attacker
News URL
https://thehackernews.com/2024/02/critical-exchange-server-flaw-cve-2024.html
Related news
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) (source)
- Qualcomm zero-day under targeted exploitation (CVE-2024-43047) (source)
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)
- GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-13 | CVE-2024-21410 | Unspecified vulnerability in Microsoft Exchange Server 2016/2019 Microsoft Exchange Server Elevation of Privilege Vulnerability | 9.8 |