CVE-2021-34523

Severity: CRITICAL
Date: 2021-07-14
CVSS 3.1 score: 9.0

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: None

Lifecycle Timeline

Analysis Generated: Mar 26, 2026 - 11:19 (vuln.today)
Added to CISA KEV: Oct 30, 2025 - 19:13 (cisa), CISA KEV
PoC Detected: Oct 30, 2025 - 19:13 (vuln.today), Public exploit code
Patch Released: Oct 30, 2025 - 19:13 (nvd), Patch available
CVE Published: Jul 14, 2021 - 18:15 (nvd), CRITICAL 9.0

Description

Microsoft Exchange Server Elevation of Privilege Vulnerability

Analysis

Microsoft Exchange Server contains a privilege escalation vulnerability in the PowerShell backend that allows authenticated Exchange users to escalate to Exchange admin. It is the second component of the ProxyShell attack chain.

Technical Context

The vulnerability in Exchange's PowerShell Remoting endpoint allows an attacker who has gained access through the SSRF vulnerability (CVE-2021-34473) to escalate privileges from a standard mailbox user context to Exchange administrator. This enables access to the New-MailboxExportRequest cmdlet for web shell deployment.

Affected Products

Microsoft Exchange Server 2013/2016/2019

Remediation

Apply Microsoft security updates. Monitor Exchange PowerShell audit logs for unauthorized cmdlet execution. Restrict Exchange PowerShell access to authorized administrators.
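
One way to act on the audit-log monitoring advice above, as an added example (not vuln.today's or Microsoft's code): a PowerShell filter over admin audit entries shaped like Search-AdminAuditLog output, flagging New-MailboxExportRequest runs by callers outside an allow-list or with an export target that is not a .pst file. The function name, allow-list, host names and sample records are constructed assumptions.

```powershell
# Assumption: a hypothetical allow-list of callers permitted to run mailbox exports.
$AuthorizedAdmins = @('contoso.example/Users/exch-admin')   # constructed value
$WatchedCmdlets   = @('New-MailboxExportRequest')           # cmdlet named in the advisory

function Find-SuspectExchangeCmdlet {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)] [object] $Entry,
        [string[]] $Authorized = $AuthorizedAdmins,
        [string[]] $Watched    = $WatchedCmdlets
    )
    process {
        # Ignore cmdlets we are not watching.
        if ($Watched -notcontains $Entry.CmdletName) { return }
        $reasons = @()
        if ($Authorized -notcontains $Entry.Caller) { $reasons += 'caller not on allow-list' }
        # Mailbox exports normally write .pst files; anything else deserves a look.
        $filePath = ($Entry.CmdletParameters | Where-Object Name -eq 'FilePath').Value
        if ($filePath -and $filePath -notmatch '\.pst$') { $reasons += 'export target is not a .pst file' }
        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                RunDate  = $Entry.RunDate
                Caller   = $Entry.Caller
                Cmdlet   = $Entry.CmdletName
                FilePath = $filePath
                Reasons  = $reasons -join '; '
            }
        }
    }
}

# Constructed sample records (same property names as admin audit log entries).
function New-Param($n, $v) { [pscustomobject]@{ Name = $n; Value = $v } }
$sample = @(
    [pscustomobject]@{ RunDate = [datetime]'2021-08-10T03:12:00'; Caller = 'contoso.example/Users/exch-admin'
        CmdletName = 'New-MailboxExportRequest'
        CmdletParameters = @((New-Param 'Mailbox' 'j.doe'), (New-Param 'FilePath' '\\fs01.contoso.example\exports\jdoe.pst')) },
    [pscustomobject]@{ RunDate = [datetime]'2021-08-10T03:14:00'; Caller = 'contoso.example/Users/j.doe'
        CmdletName = 'New-MailboxExportRequest'
        CmdletParameters = @((New-Param 'Mailbox' 'j.doe'), (New-Param 'FilePath' '\\fs01.contoso.example\exports\notes.aspx')) },
    [pscustomobject]@{ RunDate = [datetime]'2021-08-10T03:20:00'; Caller = 'contoso.example/Users/j.doe'
        CmdletName = 'Get-Mailbox'; CmdletParameters = @() }
)
$sample | Find-SuspectExchangeCmdlet | Format-List

# On an Exchange server, feed real entries instead of $sample:
# Search-AdminAuditLog -Cmdlets New-MailboxExportRequest -StartDate (Get-Date).AddDays(-30) |
#     Find-SuspectExchangeCmdlet
```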

Priority Score

219
KEV: +50
EPSS: +93.9
CVSS: +45
POC: +20
