CVE-2023-21529
Microsoft Exchange Server Remote Code Execution Vulnerability
Vexday Risk Score
63High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 8.8EPSS 62.1%KEV simPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
14 Feb 2023Published on NVD
13 Apr 2026Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
A flaw in Microsoft Exchange Server allows attackers to execute arbitrary code on the server by sending specially crafted requests. This is critical because Exchange servers often handle sensitive business email and data.
Technical detail
Unsafe deserialization vulnerability (CWE-502) in Exchange Server allows remote code execution when processing malicious serialized objects. An attacker with network access can exploit this to achieve RCE without prior authentication.
Summary generated and translated by AI from the official description.
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
Microsoft · Microsoft Exchange Server 2013 Cumulative Update 23Microsoft · Microsoft Exchange Server 2016 Cumulative Update 23Microsoft · Microsoft Exchange Server 2019 Cumulative Update 11Microsoft · Microsoft Exchange Server 2019 Cumulative Update 12Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21529https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-21529https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/