CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2024-21410

CVSS 9.8v3.1pub. 2024-02-13upd. 2025-10-28

Microsoft Exchange Server Elevation of Privilege Vulnerability

🤖 AI Analysis
How it works

The vulnerability results from improper identity verification (CWE-287 — Improper Authentication) in Microsoft Exchange Server. An attacker without any privileges can bypass authentication mechanisms over the network without user interaction and gain elevated privileges on the server. The network attack vector with low complexity (AC:L) and no prerequisites (PR:N, UI:N) allow the attack to be conducted automatically at scale.

Impact

An attacker can achieve high confidentiality, integrity, and availability of the system — which in practice means potential takeover of a Microsoft Exchange Server instance, access to user email, and the ability for further lateral movement within the organization's network.

Mitigation & patch

Apply patches available from the vendor immediately in accordance with Microsoft Security Response Center (MSRC) references (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21410). Due to active exploitation of the vulnerability in production environments, the update should be treated as urgent and deployed outside the standard maintenance window.

Who is affected

Microsoft Exchange Server — specific versions indicated in vendor references (Microsoft Security Response Center)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Microsoft Exchange Server

    APP
    Microsoft
    20162019

CISA KEV — detailsi

Vendori
Microsoft
Producti
Exchange Server
Added to KEVi
February 15, 2024
Remediation deadline (US Federal)i
March 7, 2024(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 7 marca 2024
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2021-34473CRITICAL9.1⚠ KEVten sam produkt

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-34523CRITICAL9.0⚠ KEVten sam produkt

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2021-26855CRITICAL9.1⚠ KEVten sam produkt

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21709CRITICAL9.8ten sam produkt

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-21846CRITICAL9.0ten sam produkt

Microsoft Exchange Server Remote Code Execution Vulnerability