Detections
Analytics

CVE-2021-34473

critical

Description

Microsoft Exchange Server Remote Code Execution Vulnerability

References

https://www.microsoft.com/en-us/security/blog/2023/03/24/guidance-for-investigating-attacks-using-cve-2023-23397/

https://research.nccgroup.com/2023/11/20/is-this-the-real-life-is-this-just-fantasy-caught-in-a-landslide-noescape-from-ncc-group/

https://www.zscaler.com/blogs/security-research/retrospective-avoslocker

https://cyware.com/resources/research-and-analysis/beneath-the-surface-avoslockers-ransomware-as-a-service-and-cybercrime-tactics-f14f

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-215a

https://www.tenable.com/cyber-exposure/tenable-2022-threat-landscape-report

https://duo.com/decipher/hive-ransomware-attacks-target-fortios-microsoft-exchange-flaws

https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem

https://unit42.paloaltonetworks.com/lockbit-2-ransomware/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-117a

https://www.tenable.com/cyber-exposure/2021-threat-landscape-retrospective

https://www.microsoft.com/en-us/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/

https://www.cisa.gov/sites/default/files/publications/AA21-321A-Iranian%20Government-Sponsored%20APT%20Actors%20Exploiting%20Microsoft%20Exchange%20and%20Fortinet%20Vulnerabilities.pdf

https://www.securityweek.com/babuk-ransomware-seen-exploiting-proxyshell-vulnerabilities/

https://web.archive.org/web/20211025233339/https://twitter.com/pancak3lullz/status/1452679527197560837

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/lockfile-ransomware-new-petitpotam-windows

https://www.tenable.com/blog/proxyshell-attackers-actively-scanning-for-vulnerable-microsoft-exchange-servers-cve-2021-34473

https://www.fortiguard.com/threat-signal-report/4121/brand-new-lockfile-ransomware-distributed-through-proxyshell-and-petitpotam

https://www.zerodayinitiative.com/advisories/ZDI-21-821/

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34473

Details

Source: Mitre, NVD

Published: 2021-07-14

Updated: 2023-12-28

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical