Baile » Leochaileacht Microsoft Exchange Proxyshell

Leochaileacht Microsoft Exchange Proxyshell

microsoft-exchange-proxyshell

New exploit has been found that can cause Microsoft Exchange servers to be actively exploited. Attackers can use ProxyShell in order to use this exploit.

The three main vulnerabilites are:

  • CVE-3032-34473 – Pre-auth Path Confusion leads to ACL Bypass
  • CVE-2021-34523 – Elevation of Privilege on Exchange PowerShell backend
  • CVE-2021-31207 – Post-auth Arvitrary-File-Write leads to RCE

This vulnerability has been found and demonstrated by researcher Orange Tsai and his colleagues in the DEVCORE Research team at the Pwn20wn contents that was held earlier this year.

He said that these exploits are worse and more vulnerable than the ProxyLogon vulnerability that he also found. Simply because they are more exploitable.

Compared to ProxyLogon:

With ProxyLogon attacks, the attackers needed to know an Exchange administrators mailbox and hardcoded administrator@ to get the exploit to work. With this ProxyShell they dont need to do that in advance, this is why it is more dangerous than previous one.

How to fix Microsoft Exchange ProxyShell vulnerability

Microsoft released a patch in April and May 2021 that was supposed to stop these vulnerabilites, but they failed to assign CVEs to them so that it could soon lead to new problems.

These vulnerabilites can be exploited in various ways, so best way to stay safe against this kind of activity is to use VPN and keep every software and service always up-to-date.

So everyone and every enterprise that is using Microsoft Exchange servers should make sure that the program is up-to-date with the latest patches in order to protect against exploitation.

Feabhas a chur ar do shlándáil idirlín leis na VPNanna seo

Lógó NordVPN
5/5
  • Ag luí le Netflix, BBC & Disney
  • Triail lae 30 saor in aisce
  • Torrents Neamhtheoranta
  • Níos mó ná 55 tír
Tabhair cuairt ar láithreán NordVPN
Lógó ExpressVPN
5/5
  • Ag luí le Netflix, BBC & Disney
  • Triail lae 30 saor in aisce
  • Torrents Neamhtheoranta
  • Níos mó ná 90 tír
  • Beartas gan aon logáil isteach
Tabhair cuairt ar shuíomh ExpressVPN
Lógó CyberGhostVPN
5/5
  • Ag luí le Netflix, BBC & Disney
  • Triail lae 45 saor in aisce
  • Torrents Neamhtheoranta
  • Níos mó ná 90 tír
  • Beartas gan aon logáil isteach
Tabhair cuairt ar láithreán CyberGhostVPN
Lógó PureVPN
5/5
  • Ceangal VPN tapa agus slán
  • Triail lae 31 saor in aisce
  • Torrents Neamhtheoranta
  • Níos mó ná 2000 freastalaí
  • IP Tiomnaithe
Tabhair cuairt ar láithreán PureVPN