Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server version Exchange Server 2019 and possibly earlier

Description An undisclosed vulnerability exists in an undisclosed component of Microsoft Exchange Server, allowing for remote code execution via network attack. Public reports of exploitation are available, and it is also referred to as ZDI-CAN-18333. Additionally, there are reports that attackers may be exploiting an older, known vulnerability in systems that are not correctly patched.

Recommendations For Microsoft Exchange Server version Exchange Server 2019 and possibly earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.