HKCert
  

Microsoft Exchange Server Zero-day Privilege Escalation Vulnerability

Release Date: 28 / 01 / 2019
Last Update: 30 / 01 / 2019
Criticality Level:  


A new zero-day vulnerability was discovered in Microsoft Exchange Server. A mailbox user could exploit this vulnerability to elevate account privilege to gain the Windows Domain Admin access right.

 

Notes:The exploit code is publicly available.

  • Elevation of Privilege

This zero-day flaw have been tested in below version:

  • Microsoft Exchange Server 2013, 2016 and 2019

Notes: No patch is currently available.

 

Please refer to the link below for possible mitigation plan:

https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/

 

Before applying any mitigation steps, please consult your product support and software manufacturer for more details.