Rewterz Threat Alert: RDP Tunneling leading to network security bypass
January 25, 2019
Rewterz Threat Advisory – CVE-2019-1652 – Cisco RV320/RV325 Routers Command Injection Vulnerability
January 28, 2019
SEVERITY: High
CATEGORY: Vulnerability
ANALYSIS SUMMARY
Microsoft Exchange could allow a local authenticated attacker to gain elevated privileges on the system, caused by high default privileges in the Active Directory domain. By using an API call, an attacker could exploit this vulnerability to become a Domain Admin and gain elevated privileges on the system. The Exchange Windows Permissions group has WriteDacl access on the domain object in Active Directory, which enables any member of this group to modify the domain privileges, among which is the privilege to perform DCSync operations.
IMPACT
Privilege Escalation
AFFECTED PRODUCTS
- Microsoft Exchange Server 2013 CU21
- Microsoft Exchange Server 2019
- Microsoft Exchange Server 2016 CU11
REMEDIATION
The vendor has not released any updates for this vulnerability.
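The ACL condition described in the analysis summary can be audited directly on the domain object. The PowerShell below is an added example, not part of the original advisory; it assumes the RSAT ActiveDirectory module on a domain-joined host, and the function name Get-DomainObjectRiskyAce is hypothetical.

```powershell
# Added example (not from the advisory): report who holds WriteDacl or
# DCSync-related replication rights on the domain object.
# Assumes the RSAT ActiveDirectory module and a domain-joined host.
Import-Module ActiveDirectory

# Well-known extended-right GUIDs that together permit DCSync.
$ReplicationRights = @{
    '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes'
    '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes-All'
}
$AllObjects = '00000000-0000-0000-0000-000000000000'  # ACE not scoped to one right
$AdRights   = [System.DirectoryServices.ActiveDirectoryRights]

function Get-DomainObjectRiskyAce {   # hypothetical helper name
    $domainDn = (Get-ADDomain).DistinguishedName
    $acl = Get-Acl -Path "AD:\$domainDn"
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $findings = @()
        # GenericAll also contains the WriteDacl bit, so it is reported too.
        if ($ace.ActiveDirectoryRights.HasFlag($AdRights::WriteDacl)) {
            $findings += 'WriteDacl'
        }
        if ($ace.ActiveDirectoryRights.HasFlag($AdRights::ExtendedRight)) {
            $guid = $ace.ObjectType.ToString()
            if ($ReplicationRights.ContainsKey($guid)) {
                $findings += $ReplicationRights[$guid]
            } elseif ($guid -eq $AllObjects) {
                $findings += 'All extended rights (includes replication)'
            }
        }
        foreach ($finding in $findings) {
            [pscustomobject]@{
                Principal = $ace.IdentityReference.Value
                Right     = $finding
                Inherited = $ace.IsInherited
            }
        }
    }
}

Get-DomainObjectRiskyAce | Sort-Object Principal, Right | Format-Table -AutoSize

# Accounts that receive the group's WriteDacl ACE, directly or through
# nested groups (-Recursive returns the leaf members).
Get-ADGroupMember -Identity 'Exchange Windows Permissions' -Recursive |
    Select-Object Name, objectClass, distinguishedName
```

Replication rights appearing for a principal other than the domain controllers and built-in administrative groups, or an unexpected member of Exchange Windows Permissions, is the finding to investigate.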