
Critical Microsoft Exchange Server Flaw (CVE-2024-21410)

Advisory

19 FEB 2024

 

Background

A critical vulnerability in Microsoft Exchange Server, tracked as CVE-2024-21410 with a CVSS score of 9.8, has been reported as actively exploited. Microsoft classifies it as an elevation-of-privilege flaw. The attack has two stages: the attacker first targets an NTLM client such as Outlook with a credential-leaking bug that makes the client send its Net-NTLMv2 response to an attacker-controlled host, then relays that authentication to a vulnerable Exchange server, which accepts it because nothing binds the NTLM exchange to the TLS session it originally travelled over. The attacker is thereby authenticated as the victim and can perform operations on the Exchange server on the victim's behalf. In short, an unauthenticated attacker can impersonate a legitimate user against the Exchange server. The mitigation Microsoft shipped is Extended Protection for Authentication (EPA), which ties NTLM authentication to the TLS channel and is enabled by default starting with Exchange Server 2019 Cumulative Update 14; on earlier builds it has to be enabled explicitly.

 

Impact

  • Leaked Net-NTLMv2 responses (not plaintext passwords) from targeted NTLM clients such as Outlook that are coerced into authenticating to an attacker-controlled host.
  • Relay of a leaked Net-NTLMv2 response against a vulnerable Exchange server, authenticating the attacker as that user.
  • The privileges of the impersonated user on the Exchange server, including the ability to perform operations on the victim's behalf.

 

Affected Products

  • Microsoft Exchange Server 2019 prior to Cumulative Update 14 (CU14 enables Extended Protection for Authentication by default).
  • Microsoft Exchange Server 2016, and any older, unsupported versions; on these, Extended Protection is not on by default and must be enabled with Microsoft's ExchangeExtendedProtectionManagement.ps1 script.
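As an added example (not part of this advisory and not Microsoft's tooling), the following PowerShell audit reports an Exchange server's installed build and the Extended Protection tokenChecking setting on each front-end virtual directory that accepts NTLM, which is the configuration that decides whether the relay described under Background can succeed and whether the server falls into the affected list above. Assumptions: it is run in the Exchange Management Shell on the server itself with the WebAdministration module available; the build numbers used for 2019 CU14 and 2016 CU23 are quoted from memory of Microsoft's Exchange build-number table and must be verified there; and the per-directory target values should be compared with Microsoft's Extended Protection documentation, since Microsoft's own script deliberately sets some directories to Allow rather than Require.

```powershell
# Added audit script (not part of the advisory or of Microsoft's tooling).
# Run from the Exchange Management Shell on each Exchange server. It reports the installed
# build and the Extended Protection setting on the IIS virtual directories that accept NTLM.
# The build thresholds are assumed values from Microsoft's build-number table; re-check them.

Import-Module WebAdministration -ErrorAction Stop

# Assumed minimum builds: 2019 CU14 (Extended Protection on by default) and 2016 CU23
# (Extended Protection supported but must be switched on). Verify against Microsoft's table.
$MinBuild2019 = [Version]'15.2.1544.4'
$MinBuild2016 = [Version]'15.1.2507.6'

# Front-end virtual directories that accept Windows (NTLM) authentication. Assumed list;
# compare with Microsoft's Extended Protection documentation for your version.
$FrontEndVdirs = @('Autodiscover', 'EWS', 'ecp', 'mapi', 'OAB', 'owa',
                   'PowerShell', 'Rpc', 'Microsoft-Server-ActiveSync')

function Get-ExchangeBuild {
    # ExSetup.exe carries the server build in its file version, e.g. 15.02.1544.004.
    $exsetup = Get-Command ExSetup.exe -ErrorAction Stop
    return [Version]$exsetup.FileVersionInfo.FileVersion
}

function Test-BuildPatched([Version]$Build) {
    switch ($Build.Minor) {
        2       { return $Build -ge $MinBuild2019 }   # Exchange 2019 is 15.2.x
        1       { return $Build -ge $MinBuild2016 }   # Exchange 2016 is 15.1.x
        default { return $false }                     # 2013 and older: unsupported, treat as exposed
    }
}

function Get-ExtendedProtectionStatus {
    foreach ($vdir in $FrontEndVdirs) {
        $path = "IIS:\Sites\Default Web Site\$vdir"
        if (-not (Test-Path $path)) { continue }
        $ep = Get-WebConfiguration -PSPath $path `
            -Filter 'system.webServer/security/authentication/windowsAuthentication/extendedProtection'
        [pscustomobject]@{
            VirtualDirectory = $vdir
            TokenChecking    = $ep.tokenChecking              # None, Allow or Require
            RelayExposed     = ($ep.tokenChecking -eq 'None') # no channel binding at all
        }
    }
}

$build = Get-ExchangeBuild
Write-Output "Installed build: $build  (meets assumed patched build: $(Test-BuildPatched $build))"

$status = Get-ExtendedProtectionStatus
$status | Format-Table -AutoSize

$exposed = $status | Where-Object { $_.RelayExposed }
if ($exposed) {
    Write-Warning ("Extended Protection is off on: " + ($exposed.VirtualDirectory -join ', ') +
                   ". NTLM relay against these endpoints is possible; enable it with Microsoft's " +
                   "ExchangeExtendedProtectionManagement.ps1 after confirming the prerequisites.")
} else {
    Write-Output "Extended Protection is configured on all checked virtual directories."
}
```

Extended Protection relies on the client and the Exchange server sharing one TLS session, so it breaks if a load balancer or inspection proxy terminates TLS in front of Exchange; confirm the network path before enabling it, and treat a directory reporting Allow as protected only for clients that supply channel bindings.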

 

Recommendations

 

References