{"vulnerability": "CVE-2023-21707", "sightings": [{"uuid": "7be7ad09-aefb-4410-afbb-12f90ca2b32b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4653", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-21707 EXP\nURL\uff1ahttps://github.com/N1k0la-T/CVE-2023-21707\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-30T10:20:04.000000Z"}, {"uuid": "be687ad0-50b3-4b89-a949-8026139a298b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5999", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21707\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Exchange Server Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-02-14T19:32:45.126Z\n\ud83d\udccf Modified: 2025-02-28T21:14:18.304Z\n\ud83d\udd17 References:\n1. 
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21707", "creation_timestamp": "2025-02-28T21:37:28.000000Z"}, {"uuid": "76eeb206-8a25-4dba-b4b6-caa12e6141b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "published-proof-of-concept", "source": "https://t.me/road_to_oscp/199", "content": "Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707) \n\n\ud83d\udc64 by testanull\n\nWhile analyzing CVE-2022-41082, also known as Proxy Not Shell, researcher discovered CVE-2023-21707 vulnerability which he has detailed in this blog.\nThe vulnerability allows a privileged user to trigger RCE during a deserialization of untrusted data.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction \n\u25cf The new variant\n\u25cf Payload delivery\n\u25cf Demo\n\u25cf References\n\nhttps://starlabs.sg/blog/2023/04-microsoft-exchange-powershell-remoting-deserialization-leading-to-rce-cve-2023-21707/", "creation_timestamp": "2023-04-28T13:05:15.000000Z"}, {"uuid": "0abdb277-4de9-41dd-8993-26c444b56e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/171", "content": "Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707) \n\n\ud83d\udc64 by testanull\n\nWhile analyzing CVE-2022-41082, also known as Proxy Not Shell, researcher discovered CVE-2023-21707 vulnerability which he has detailed in this blog.\nThe vulnerability allows a privileged user to trigger RCE during a deserialization of untrusted data.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction \n\u25cf The new variant\n\u25cf Payload delivery\n\u25cf Demo\n\u25cf 
References\n\nhttps://starlabs.sg/blog/2023/04-microsoft-exchange-powershell-remoting-deserialization-leading-to-rce-cve-2023-21707/", "creation_timestamp": "2023-04-28T10:57:54.000000Z"}, {"uuid": "479e5ae6-ced7-4966-a763-bf0a4e7f5d75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "published-proof-of-concept", "source": "Telegram/j-PUES0i9rFTwJPs3xo0rqIiaOpE5DU2SMa5knqiAhxtUNY", "content": "", "creation_timestamp": "2023-05-04T00:48:01.000000Z"}, {"uuid": "55b34577-6a4a-41ce-81e6-4418fd283ec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "seen", "source": "https://t.me/realvulnerabilities/6", "content": "February Microsoft Patch. I decided to change the format a bit. I will share the general impression right away, but the full blog post/video will be released with a delay.\n\n1. RCE - Windows Graphics Component (CVE-2023-21823) seems the most critical. Interestingly, ZDI marked this vulnerability as EoP and did not add it to their review. Apparently MS changed the type of vulnerability before the release. Let's hope that the EDRs will promptly start blocking the exploitation.\n2. EoP - Windows Common Log File System Driver (CVE-2023-23376) with a sign of active exploitation.\n3. Multiple RCEs for Exchange (CVE-2023-21529, CVE-2023-21706, CVE-2023-21707, CVE-2023-21710). But so far no signs of exploitation.\n4. A funny Inf. Disclosure in augmented reality devices HoloLens 1 (CVE-2019-15126), it's an old Broadcom vulnerability with a bunch of exploits. \n\nRaw Vulristics report. 
There are problems with software detections, I will fix them later.", "creation_timestamp": "2023-02-22T03:33:02.000000Z"}, {"uuid": "ef59705e-d915-46d6-85be-61435cc43cdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "published-proof-of-concept", "source": "Telegram/9hUIH3ETSemWb6pFL2xu9bbxIjv7EfeaDPqRJfpFjfMW9vA", "content": "", "creation_timestamp": "2023-05-29T17:18:05.000000Z"}, {"uuid": "35c120ce-d6d8-49df-a69f-48628453a802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "published-proof-of-concept", "source": "Telegram/IJdk8EgdF425B9u4sstsH8GCBmYYaBTZZWgIGcl1A18gp24", "content": "", "creation_timestamp": "2023-05-10T08:30:47.000000Z"}, {"uuid": "c1564b0c-3513-44e5-bf93-ec4ebcfa6fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "seen", "source": "https://t.me/RalfHackerChannel/1328", "content": "Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707) \n\n\ud83d\udc64 by testanull\n\nWhile analyzing CVE-2022-41082, also known as Proxy Not Shell, researcher discovered CVE-2023-21707 vulnerability which he has detailed in this blog.\nThe vulnerability allows a privileged user to trigger RCE during a deserialization of untrusted data.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction \n\u25cf The new variant\n\u25cf Payload delivery\n\u25cf Demo\n\u25cf References\n\nhttps://starlabs.sg/blog/2023/04-microsoft-exchange-powershell-remoting-deserialization-leading-to-rce-cve-2023-21707/", "creation_timestamp": "2023-04-28T14:02:15.000000Z"}, {"uuid": "ae153af5-4ef2-4725-84d2-d874c1a5340f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7307", "content": "Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707)\n\nhttps://starlabs.sg/blog/2023/04-microsoft-exchange-powershell-remoting-deserialization-leading-to-rce-cve-2023-21707/", "creation_timestamp": "2023-05-03T21:53:01.000000Z"}, {"uuid": "3f37e6b5-af8d-4648-8ba9-31285ec3cf3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8205", "content": "#exploit\n1. CVE-2023-21707:\nMicrosoft Exchange Powershell Remoting Deserialization leading to RCE\nhttps://starlabs.sg/blog/2023/04-microsoft-exchange-powershell-remoting-deserialization-leading-to-rce-cve-2023-21707\n\n2. CVE-2022-37955: \nVulnerability in MS Windows Group Policy Updates Leads to Improper Link Resolution Before File Access\nhttps://herolab.usd.de/security-advisories/usd-2022-0034\n]-> https://decoder.cloud/2023/02/16/eop-via-arbitrary-file-write-overwite-in-group-policy-client-gpsvc-cve-2022-37955", "creation_timestamp": "2023-04-29T12:53:42.000000Z"}, {"uuid": "2dfd3194-2b70-4a4c-bdcf-21d6f159eb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21707", "type": "seen", "source": "Telegram/vkEE7_OceR4Ydupr2RTSprnnBt1NQqWK6iRFl2sO0_9W9Ls", "content": "", "creation_timestamp": "2023-04-29T12:22:22.000000Z"}]}