⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply updates per vendor instructions.. Due date: 2022-05-03.
CVE-2021-26855
Severity
9.8CRITICAL
EPSS
94.0%
top 0.11%
CISA KEV
KEVRansomware
Added 2021-11-03
Due 2022-05-03
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedMar 3
KEV addedNov 3
KEV dueMay 3
Latest updateJun 28
CISA Required Action: Apply updates per vendor instructions.
Description
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2
Affected Packages25 packages
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-6784-2mh5-cq56: Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-2685↗2022-05-24
💥Exploits & PoCs
8📋Vendor Advisories
2🕵️Threat Intelligence
20Unit42
▶
Unit42▶
Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials↗2021-04-15