CVE-2021-34523

Vulnerability updated 4 months ago (2024-05-04T17:33:27.550Z)
Not enough context has been learned about CVE-2021-34523 for a description yet. However, we're tracking it as a Vulnerability profile (Vulnerability: a flaw in software design or implementation).
Aliases: We are not currently tracking any aliases.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Microsoft
Associated Malware
ID | Type | Votes | Profile Description
Hive | Unspecified | 2 | Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated
Associated Threat Actors
ID | Type | Votes | Profile Description
APT40 | Unspecified | 2 | APT40 is a China-attributed cyber espionage group known for targeting countries strategically significant to the Belt and Road Initiative. The group has been linked to at least 51 different code families, exhibiting a broad range of capabilities. APT40 typically employs spear-phishing emails, often
Associated Vulnerabilities
ID | Type | Votes | Profile Description
Proxyshell | Unspecified | 5 | ProxyShell is a series of vulnerabilities affecting Microsoft Exchange email servers. These flaws in software design or implementation have been exploited by threat actors to gain unauthorized access and control over targeted systems. The ProxyShell vulnerability, officially tracked as CVE-2021-3447
CVE-2021-31207 | Unspecified | 3 | CVE-2021-31207 is a significant software vulnerability that has been exploited by APT40, a group known for rapidly taking advantage of newly public vulnerabilities in widely used software. This particular vulnerability affects Atlassian Confluence and Microsoft Exchange, among other platforms, and a
CVE-2021-34473 | Unspecified | 3 | CVE-2021-34473 is a significant software vulnerability that was discovered in Microsoft Exchange Server. This flaw, along with two others (CVE-2021-31207 and CVE-2021-34523), forms a chain of vulnerabilities known as ProxyShell. These vulnerabilities can be exploited together by remote attackers to
Proxyshell Cve-2021-34473 | Unspecified | 2 | ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) is a set of three chained vulnerabilities that perform unauthenticated remote code execution (RCE) in Microsoft Exchange. Identified as a significant flaw in software design or implementation, it allows unauthorized users to execute arbitra
CVE-2021-44228 | Unspecified | 2 | CVE-2021-44228, also known as the Log4Shell vulnerability, is a significant flaw in Apache's Log4j software. Disclosed in December 2021, it quickly became one of the most severe bugs due to its widespread usage and potential for exploitation. Various Advanced Persistent Threat (APT) actors attempted
Log4Shell | Unspecified | 2 | Log4Shell is a significant software vulnerability that exists within the Log4j Java-based logging utility. The vulnerability, officially designated as CVE-2021-44228, allows potential attackers to execute arbitrary code on targeted systems. Advanced Persistent Threat (APT) actors, including LockBit
Source Document References
Information about the CVE-2021-34523 vulnerability was read from the documents corpus below. This display is limited to 20 results.
Source (Created At): Title
Securelist (2 days ago): New malicious web shell from the Tropic Trooper group is found in the Middle East
Securityaffairs (2 months ago): Cybersecurity agencies warn of China-linked APT40's capabilities
CISA (2 months ago): People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action | CISA
Securityaffairs (4 months ago): A malware campaign exploits Microsoft Exchange Server flaws
CERT-EU (8 months ago): ProxyShell-targeting Babuk Tortilla ransomware decrypted after hacker’s arrest | #ransomware | #cybercrime | National Cyber Security Consulting
MITRE (9 months ago): RaaS AvosLocker Incident Response Analysis
MITRE (9 months ago): Ransomware Spotlight: AvosLocker
CERT-EU (9 months ago): GitHub - kh4sh3i/ProxyShell: CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability
SecurityIntelligence.com (10 months ago): X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021
CERT-EU (a year ago): What we know about BlackCat and the MGM hack
Securityaffairs (a year ago): Earth Lusca expands its arsenal with SprySOCKS Linux malware
Trend Micro (a year ago): Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
CERT-EU (a year ago): From Caribbean shores to your devices: analyzing Cuba ransomware – GIXtools
Securelist (a year ago): Analysis of Cuba ransomware gang activity and tooling
CERT-EU (a year ago): Qualys Top 20 Exploited Vulnerabilities | Qualys Security Blog
Malwarebytes (a year ago): 2022's most routinely exploited vulnerabilities—history repeats
CERT-EU (a year ago): Unmasking the top exploited vulnerabilities of 2022 – GIXtools
CERT-EU (a year ago): Five Eyes intelligence agencies discloses the 12 top-exploited vulnerabilities of 2022
BankInfoSecurity (a year ago): Patching Conundrum: 5-Year Old Flaw Again Tops Most-Hit List
CERT-EU (a year ago): Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities