In early August 2022, the Vietnam-based Cybersecurity company GTSC, discovered a zero-day vulnerability in the Microsoft Exchange platform, which received the name “ProxyNotShell”.
The Zero Day Initiative (ZDI) acknowledged this as two vulnerabilities – a Server-Side Request Forgery (SSRF) vulnerability and a remote code execution (RCE) vulnerability. Both can be executed, by any user authorized to use the Exchange servers, on any organization running an on-premise Exchange Server presented to the internet or an Outlook Web App facing the internet.
In time, ProxyNotShell might become the next big thing to put companies around the globe at risk, forcing them to use every possible way to mitigate the threat of being brutally compromised.
Microsoft has yet to publish an official patch for these vulnerabilities.
Explore our Exchange ProxyNotShell Vulnerability Spotlight to learn how to keep your organization from becoming the next victim. You will learn about the risk that the ProxyNotShell vulnerability poses, the common attack flow based on this vulnerability, and gain important knowledge about how to detect and mitigate this threat.
Check out the Exchange ProxyNotShell Vulnerability Spotlight Now