Vulnerability

ProxyShell Vulnerability

This blog contains information about the ProxyShell vulnerability. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.

Clip path group@2x

T-Update

Information about vulnerabilities

This blog contains information about the ProxyShell vulnerability. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.

Update August 10, 2021

13:00 | Security researcher Orange Tsai, who discovered the ProxyLogon vulnerability, has published a new vulnerability known as ProxyShell. ProxyShell is a combination of 3 vulnerabilities, which provide unauthenticated remote code execution on Microsoft Exchange servers. Several sources confirm active scanning for the vulnerability, with limited successful exploitation.

Customized cyber security

Background

Risk

The following CVE references belong to this vulnerability.

Advice

Patches have been available since April and May 2021. Tesorion urgently advices is to install the patches immediately on your Exchange environment.

Sources

Learn more about ProxyShell on these external sources:

NCSC advice

News article Bleepingcomputer

Ellipse 6

Sign up to receive T-Updates

Receive the latest vulnerabilities in your email every Wednesday

More than 1,000 organisations have already joined us.

Tesorion gebruikt jouw gegevens voor het versturen van de gevraagde informatie. Daarnaast worden je gegevens mogelijk gebruikt voor commerciële opvolging. Je kunt je op elk gewenst moment hiervoor afmelden via de link in de e-mail. Lees voor meer informatie ons privacybeleid.

Ellipse 6