Lucene search
K

87 matches found

Malwarebytes
Malwarebytes
added 2021/03/03 12:34 p.m.3141 views

Patch now! Exchange servers attacked by Hafnium zero-days

Microsoft has detected multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Microsoft attributes the attacks to a group they have dubbed Hafnium. “HAFNIUM primarily targets entities in the United States across a number ...

7.5CVSS10AI score0.99999EPSS
Exploits66
Circl
Circl
added 2021/03/03 2:44 a.m.9 views

CVE-2021-26855

creationtimestamp| type| source ---|---|--- 2021-03-03 02:44:45+00:00| seen| https://t.me/cibsecurity/24377 2021-03-03 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=556 2021-03-03 06:30:17+00:00| seen| MISP/76591c3b-efb3-4084-a644-87a6cca8c784 2021-03-07 19:26:18+00:00|...

9.8CVSS7.1AI score0.99999EPSS
In wildExploits63References79
ATTACKERKB
ATTACKERKB
added 2021/03/03 12:0 a.m.617 views

CVE-2021-26855

Microsoft Exchange Server Remote Code Execution Vulnerability Recent assessments: wvu-r7 at March 09, 2021 7:01am UTC reported: CVE-2021-26855 CVE-2021-26855 is an SSRF vulnerability in Exchange that allows privileged access to Exchange’s backend resources, ultimately leading to pre-auth RCE when...

9.8CVSS9AI score0.99999EPSS
In wildExploits65References6
Tenable Nessus
Tenable Nessus
added 2021/03/03 12:0 a.m.420 views

Security Updates for Microsoft Exchange Server (March 2021)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker could exploit this to execute unauthorized arbitrary code. CVE-2021-26412, CVE-2021-26854,...

9.8CVSS9.2AI score0.99999EPSS
Exploits69References9
CVE
CVE
added 2021/03/02 11:55 p.m.3131 views

CVE-2021-26855

CVE-2021-26855 is an Exchange Server SSRF vulnerability that enables pre-auth access to Exchange backend and, when chained with CVE-2021-27065, can lead to remote code execution. Public exploitation activity and PoCs (e.g., Nmap http-vuln-cve2021-26855 scripts and curl demonstrations) illustrate ...

9.8CVSS9.5AI score0.99999EPSS
In wildExploits63References6Affected Software1
Check Point Advisories
Check Point Advisories
added 2021/03/02 12:0 a.m.32 views

Microsoft Exchange Server Remote Code Execution (CVE-2021-26855; CVE-2021-27065)

A remote code execution vulnerability exists in Microsoft Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.5AI score0.99999EPSS
Exploits65
CVE
CVE
added 1976/01/01 12:0 a.m.308 views

CVE-2020-26855

CVE-2020-26855 is rejected/not used per the initial description; not an active vulnerability entry.

6.7AI score
Exploits0
Rows per page
Query Builder