Microsoft says they are aware of “limited targeted attacks” using this vulnerability in the wild.
To exploit this vulnerability, an attacker would need to be authenticated to a vulnerable Exchange Server.
The flaw exists due to the improper validation of command-let (cmdlet) arguments. Optionally, you can enable all analyzers (auto-pilot mode) to have an automated compromise assessment in parallel.īelow you can see the DRONE scanning processĬVE-2021-42321 is an RCE vulnerability in Microsoft Exchange Server. Note: If you have Chrome installed on the machine, you can also run DRONE in Tower mode in the browser by simply double-clicking the executable and enabling the Vulnerability scanner since we added the Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-42321) identifier to the Vulnerability Analyzer (See Image below).
0 kommentar(er)
