Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410)

Published On: Feb 15, 2024 12:22

Advisory No: TZCERT/SA/2024/02/15

Source: Microsoft

Software Affected: Microsoft Exchange Server

Overview

Microsoft has disclosed a critical security flaw in Exchange Server that is being exploited by malicious actors. Successful exploitation of this flaw may allow an attacker to gain privileges as the victim client.

Description

The vulnerability (CVE-2024-21410, CVSS score: 9.8) results in NTLM credentials-leaking when an attacker targets a victim e.g. NTLM client such as Outlook. Successful exploitation of the flaw could permit an attacker to relay a user's leaked Net-NTLMv2 hash against a susceptible Exchange Server and authenticate as the user

Impact

Successful exploitation of this vulnerability may allow a remote attacker to take control of the affected system.

Solution

Microsoft has released security updates to resolve this vulnerability. Users and administrations are encouraged to update as soon as possible.

Subscribe To TZ - CERT Newsletter

A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.

Subscribe
Report Incident