{"uuid": "de712bf8-6e5d-4222-8842-eabeef7ae3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21410", "type": "seen", "source": "https://t.me/MrVGunz/1216", "content": "\ud83d\udccd \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0627\u06a9\u0633\u0686\u0646\u062c \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a: \u0628\u06cc\u0634 \u0627\u0632 28,500 \u0633\u0631\u0648\u0631 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631\n\n\u0637\u0628\u0642 \u06af\u0632\u0627\u0631\u0634 \u0627\u062e\u06cc\u0631 Bleeping Computer\u060c \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0627\u06a9\u0633\u0686\u0646\u062c \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2024-21410 \u0648 \u0627\u0645\u062a\u06cc\u0627\u0632 9.8 \u062f\u0631 \u0645\u0642\u06cc\u0627\u0633 CVSS \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u0627\u0645\u06a9\u0627\u0646 \u0627\u062c\u0631\u0627\u06cc \u062d\u0645\u0644\u0627\u062a NTLM-relay \u0648 \u0627\u0641\u0632\u0627\u06cc\u0634 \u0627\u062e\u062a\u06cc\u0627\u0631\u0627\u062a \u062f\u0631\u0648\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u062f.\n\n\u0628\u0647 \u06af\u0632\u0627\u0631\u0634 Shadowservers \u06a9\u0647 \u0646\u0632\u062f\u06cc\u06a9 \u0628\u0647 97,000 \u0633\u0631\u0648\u0631 \u0627\u06a9\u0633\u0686\u0646\u062c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u062f\u0631 \u0645\u0639\u0631\u0636 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0642\u0631\u0627\u0631 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u0646\u062f\u060c \u06a9\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u062a\u0639\u062f\u0627\u062f\u060c \u062d\u062f\u0648\u062f 68,500 \u0633\u0631\u0648\u0631 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0627\u0642\u062f\u0627\u0645\u0627\u062a Mitigation \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u0647\u0645\u0686\u0646\u0627\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646\u062f. \u0647\u0645\u0686\u0646\u06cc\u0646\u060c 28,500 \u0633\u0631\u0648\u0631 \u0628\u0647 \u0637\u0648\u0631 \u0642\u0637\u0639\u06cc \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647\u200c\u0627\u0646\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0645\u0633\u062a\u0642\u0631 \u062f\u0631 \u06a9\u0634\u0648\u0631\u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 \u0646\u06cc\u0632 \u0634\u06cc\u0648\u0639 \u062f\u0627\u0631\u062f\u060c \u0628\u0647 \u0637\u0648\u0631\u06cc \u06a9\u0647 \u0628\u06cc\u0634\u062a\u0631\u06cc\u0646 \u062a\u0639\u062f\u0627\u062f \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u062f\u0631 \u0622\u0644\u0645\u0627\u0646 (22,903 \u0633\u0631\u0648\u0631) \u0648 \u0627\u06cc\u0627\u0644\u0627\u062a \u0645\u062a\u062d\u062f\u0647 (19,434 \u0633\u0631\u0648\u0631) \u06af\u0632\u0627\u0631\u0634 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u0628\u0627 \u0627\u06cc\u0646\u06a9\u0647 \u0647\u0646\u0648\u0632 \u0647\u06cc\u0686 Proof-of-Concept \u0639\u0645\u0648\u0645\u06cc \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0646\u062a\u0634\u0631 \u0646\u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u0627\u062d\u062a\u0645\u0627\u0644 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06af\u0633\u062a\u0631\u062f\u0647 \u0627\u0632 \u0622\u0646 \u062a\u0648\u0633\u0637 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0645\u062d\u062f\u0648\u062f \u0627\u0633\u062a. \u0627\u0645\u0627 \u0645\u0639\u0645\u0648\u0644\u0627\u064b\u060c \u067e\u0633 \u0627\u0632 \u0627\u0641\u0634\u0627\u06cc \u0686\u0646\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc\u06cc\u060c \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0628\u0647 \u0633\u0631\u0639\u062a \u0631\u0648\u0634\u200c\u0647\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0646\u200c\u0647\u0627 \u0631\u0627 \u062a\u0648\u0633\u0639\u0647 \u0645\u06cc\u200c\u062f\u0647\u0646\u062f.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3ahttps://www.cert.dk/da/news/2024-02-20/Over-28500-Exchange-servere-saarbare-over-for-aktivt-udnyttet-fejl\n\n\ud83d\udccd Microsoft Exchange Server Vulnerability: Over 28,500 Servers at Risk\n\nAccording to a recent report by Bleeping Computer, a critical vulnerability identified as CVE-2024-21410 with a CVSS score of 9.8 has been found in Microsoft Exchange servers. This vulnerability allows unauthorized attackers to perform NTLM relay attacks and escalate privileges within the system.\n\nShadowservers reports that nearly 97,000 Exchange servers might be exposed to this vulnerability. Out of these, approximately 68,500 servers remain vulnerable despite mitigation efforts, and about 28,500 servers are confirmed to be vulnerable.\n\nThe vulnerability is widespread across servers in various countries, with the highest numbers reported in Germany (22,903 servers) and the United States (19,434 servers).\n\nAlthough no public Proof-of-Concept (PoC) for this vulnerability has been released yet, the potential for attackers to exploit it quickly is high. Generally, after such vulnerabilities are disclosed, attackers swiftly develop methods to exploit them.\n\n\ud83d\udd17 For further reading, please visit:\n\n\ud83d\udd3ahttps://www.cert.dk/da/news/2024-02-20/Over-28500-Exchange-servere-saarbare-over-for-aktivt-udnyttet-fejl", "creation_timestamp": "2024-07-23T16:30:10.000000Z"}