May 19, 2024

Researchers through Trend Micro’s Zero Day Initiative has disclosed four zero-day vulnerabilities in Microsoft Exchange that can be remotely exploited by an authenticated attacker to execute arbitrary code or disclose sensitive information on vulnerable installs.

The flaws was reported to Microsoft on September 7th and 8th, 2023, but the fix yet to be released by them, despite acknowledging the vulnerabilities. ZDI opted to publicly disclose the vulnerability in compliance with its responsible disclosure policy

Advertisements

Microsoft Exchange ChainedSerializationBinder Deserialization of Untrusted Data RCE Vulnerability

The vulnerability ZDI-23-1578  allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the ChainedSerializationBinder class and resulted from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.

Microsoft Exchange DownloadDataFromUri SSRF Information Disclosure Vulnerability

The vulnerability ZDI-23-1579 allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DownloadDataFromUri method and resulted from the lack of proper validation of a URI prior to accessing resources. An attacker can leverage this vulnerability to disclose information in the context of the Exchange server.

Advertisements

Microsoft Exchange DownloadDataFromOfficeMarketPlace SSRF Information Disclosure Vulnerability –

This vulnerability ZDI-23-1580 allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DownloadDataFromOfficeMarketPlace method and resulted due to the lack of proper validation of a URI prior to accessing resources. An attacker can leverage this vulnerability to disclose information in the context of the Exchange server.

Microsoft Exchange CreateAttachmentFromUri SSRF Information Disclosure Vulnerability –

ThE vulnerability ZDI-23-1581 allows remote attackers to disclose sensitive information on affected installations of Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the CreateAttachmentFromUri method and resulted due to the lack of proper validation of a URI prior to accessing resources. An attacker can leverage this vulnerability to disclose information in the context of the Exchange server.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

Git fixes critical RCE Vulnerability -CVE-2024-32002

May 18, 2024

LockBit Breaches City of Wichita

May 18, 2024

CISA KEV Update – May 2024

May 17, 2024

Google fixes 2nd Zeroday in a Week – CVE-2024-4947

May 16, 2024

US Authorities took control of BreachForums

May 16, 2024

Microsoft Zeroday Bug CVE-2024-30051 exploited to install QakBot

May 15, 2024

Discover more from TheCyberThrone

Subscribe now to keep reading and get access to the full archive.

Continue reading