ProxyShell flaws in Microsoft Exchange

  • CERT Admin
  • Mon Aug 23 2021
  • Alerts

Threat Level 


Components Affected 

● Microsoft Exchange Server 2013 

● Microsoft Exchange Server 2016 

● Microsoft Exchange Server 2019 


There have been exploitations identified in the Microsoft Exchange server due to the vulnerability of the ProxyShell. The above versions of Microsoft Exchange servers are vulnerable if they have not been updated to the May 2021 Cumulative Update package. (KB5003435).  

1. CVE-2021-34473. 

2. CVE-2021-34523 – both had security updates released in April 2021, and 

3. CVE-2021-31207, which had a security update released in May 2021. 


The vulnerability enables attackers to bypass ACL controls, elevate privileges on the exchange PowerShell backend permitting attackers to perform unauthenticated remote code execution. This vulnerability could lead to possibility of infecting LockFile ransomware on compromised system. 


● Expose sensitive information 

● Service disruption 

● Ransomware infections  


Apply the latest update to your exchange server 






The information provided herein is on an "as is" basis, without warranty of any kind. 

Last updated: Mon Aug 23 2021