CVE-2021-27065

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 3, 2021
Updated: Jul 25, 2024
CWE ID 22

Summary

CVE-2021-27065 is a critical vulnerability affecting Microsoft Exchange Servers. This remote code execution issue allows unauthenticated attackers to exploit a flaw in the Exchange Server's Mailbox Transport Service, potentially gaining full control over the targeted system. Successful exploitation could lead to data theft, server compromise, and further attacks against the organization's network. Microsoft strongly recommends installing the available patch as soon as possible to mitigate the risk. This vulnerability was actively exploited in the wild before a patch was released, making it an urgent security concern for organizations using the affected software.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Exchange Server

Affected Vendors

  • Microsoft