Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation

By neub9
1 Min Read

Feb 15, 2024Newsroom

Threat Intelligence / Vulnerability

Microsoft has acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild. This comes a day after it released fixes for the vulnerability as part of its Patch Tuesday updates.

Tracked as CVE-2024-21410 (CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server.

“An attacker could target an NTLM client such as Outlook with an NTLM credentials-leaking type vulnerability,” the company said in an advisory published this week.

Share This Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *