Rewterz Threat Alert – Russian Missile Manufacturer Targeted in Cyber Intrusion Linked to North Korean Threat Actor ‘ScarCruft’ – Active IOCs
August 8, 2023Recruitment Drive at Iqra University
August 8, 2023Rewterz Threat Alert – Russian Missile Manufacturer Targeted in Cyber Intrusion Linked to North Korean Threat Actor ‘ScarCruft’ – Active IOCs
August 8, 2023Recruitment Drive at Iqra University
August 8, 2023Severity
High
Analysis Summary
CVE-2023-35388 CVSS:8
Microsoft Exchange Server could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system with NT AUTHORITY\SYSTEM privileges.
CVE-2023-38182 CVSS:8
Microsoft Exchange Server could allow a remote authenticated attacker within the local network to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-21709 CVSS:9.8
Microsoft Exchange Server could allow a remote attacker to gain elevated privileges on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2023-38181 CVSS:8.8
Microsoft Exchange Server could allow a remote authenticated attacker to conduct spoofing attacks.
Impact
- Code Execution
- Privilege Escalation
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-36788
- CVE-2023-36799
Affected Vendors
Microsoft
Affected Products
- Microsoft Exchange Server 2016 CU23
- Microsoft Exchange Server 2019 CU12
- Microsoft Exchange Server 2019 CU13
- Microsoft Azure DevOps Server 2022.0.1
- Microsoft Azure DevOps Server 2019.1.2
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.