Lucene search
Piotr Bazydlo (@chudypb) of Trend Micro Zero Day InitiativeZDI-23-162HistoryFeb 24, 2023 - 12:00 a.m.
Microsoft Exchange MultiValuedProperty Exposed Dangerous Function Remote Code Execution Vulnerability
2023-02-2400:00:00
Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative
www.zerodayinitiative.com
51
microsoft exchange
multivaluedproperty
remote code execution
vulnerability
authentication
dangerous function
system
0.012 Low
EPSS
Percentile
85.2%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the MultiValuedProperty class. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
Related
nvd
nvd
CVE-2023-21529
2023-02-14 20:15:11
cve
cve
CVE-2023-21529
2023-02-14 20:15:11
cvelist
cvelist
CVE-2023-21529 Microsoft Exchange Server Remote Code Execution Vulnerability
2023-02-14 19:33:00
prion
prion
Remote code execution
2023-02-14 20:15:00
mscve
mscve
Microsoft Exchange Server Remote Code Execution Vulnerability
2023-02-14 08:00:00
kaspersky
kaspersky
KLA20232 Multiple vulnerabilities in Microsoft Server Software
2023-02-14 00:00:00
nessus
nessus
Security Updates for Microsoft Exchange Server (February 2023)
2023-02-14 00:00:00
mskb
mskb
krebs
krebs
Microsoft Patch Tuesday, February 2023 Edition
2023-02-14 21:01:41
avleonov
avleonov
malwarebytes
malwarebytes
Update now! February's Patch Tuesday tackles three zero-days
2023-02-15 03:00:00
talosblog
talosblog
rapid7blog
rapid7blog
Patch Tuesday - February 2023
2023-02-15 00:41:59