Cloud Security

Actively exploited Exchange Server flaw potentially impacts about 100K instances

Nearly 97,000 Microsoft Exchange Servers could be at risk of ongoing attacks leveraging the critical privilege escalation zero-day vulnerability, tracked as CVE-2024-21410,

BleepingComputer reports.

Mitigations against the flaw have been applied for most of the potentially susceptible Microsoft Exchange Servers but 28,500 of the instances were confirmed to be vulnerable to the security issue, according to Shadowserver. The U.S. had the second-highest number of Microsoft Exchange Servers that could be impacted by the flaw after Germany, with the U.K., France, and Australia rounding out the five countries with the highest Exchange Server exposures. Active exploitation of CVE-2024-21410 has already prompted the Cybersecurity and Infrastructure Security Agency to order federal agencies to remediate the issue through updates, mitigations, or instance disconnections, by March 7. Successful exploitation of the bug could enable privilege escalation to compromise confidential data and facilitate additional network compromise.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.