{"vulnerability": "CVE-2023-21710", "sightings": [{"uuid": "4fdf43e3-bb57-447b-a44c-c8b23431177e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21710", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6002", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21710\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Exchange Server Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-02-14T19:33:41.835Z\n\ud83d\udccf Modified: 2025-02-28T21:14:01.338Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21710", "creation_timestamp": "2025-02-28T21:37:31.000000Z"}, {"uuid": "ee5ccbd2-c37e-4bfd-96a2-9ecbe2ba2444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21710", "type": "seen", "source": "https://t.me/realvulnerabilities/6", "content": "February Microsoft Patch. I decided to change the format a bit. I will share the general impression right away, but the full blog post/video will be released with a delay.\n\n1. RCE - Windows Graphics Component (CVE-2023-21823) seems the most critical. Interestingly, ZDI marked this vulnerability as EoP and did not add it to their review. Apparently MS changed the type of vulnerability before the release. Let's hope that the EDRs will promptly start blocking the exploitation.\n2. EoP - Windows Common Log File System Driver (CVE-2023-23376) with a sign of active exploitation.\n3. Multiple RCEs for Exchange (CVE-2023-21529, CVE-2023-21706, CVE-2023-21707, CVE-2023-21710). But so far no signs of exploitation.\n4. A funny Inf. Disclosure in augmented reality devices HoloLens 1 (CVE-2019-15126), it's an old Broadcom vulnerability with a bunch of exploits. \n\nRaw Vulristics report. There are problems with software detections, I will fix them later.", "creation_timestamp": "2023-02-22T03:33:02.000000Z"}, {"uuid": "16d67cbc-0940-48ca-8d8f-c3b06b121d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21710", "type": "seen", "source": "https://t.me/cibsecurity/58160", "content": "\u203c CVE-2023-21710 \u203c\n\nMicrosoft Exchange Server Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T22:36:12.000000Z"}]}