CVE-2021-26857

CVE Published	2021-03-03
Related CWE(s)	CWE-502: Deserialization of Untrusted Data
Related Vendor(s)	microsoft
Related Product(s)	exchange_server
Exploitation Reported (CISA KEV)	2021-11-03
CVSS 3 Base Score	7.8 (HIGH)
CVSS 3 Attack Complexity	LOW
CVSS 3 Attack Vector	LOCAL

Microsoft Exchange Server Remote Code Execution Vulnerability

Cyber Threat Graph Context

Explore how this CVE relates to the wider threat graph

Threat Reports Related to CVE-2021-26857

Report

HAFNIUM targeting Exchange Servers with 0-day exploits

In March 2021 Microsoft detected multiple zero-day exploits being used as part of a widespread campaign by HAFNIUM / Silk Typhoon. This report ...

View Source

Associated CAPEC Patterns

Object Injection (CAPEC-586)

An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.

References

CVE.org

View more information about CVE-2021-26857 on the official MITRE CVE website.

NIST National Vulnerability Database

CVE-2021-26857 on the NIST NVD.

CISA Known Exploited Vulnerabilities