COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-21529

CVE-2023-21529

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-04-13
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-21529
⚡ RCE ⌖ exploited in the wild shame 65/100 ransomwarerceexploited-in-wildunpatched

Microsoft Exchange Server allows authenticated attackers to execute remote code via deserialization of untrusted data.

This vulnerability enables remote code execution in Microsoft Exchange Server, allowing attackers to compromise mail servers and potentially access sensitive data. DIB organizations must patch immediately to prevent ransomware exploitation and maintain FedRAMP/NIST 800-171 compliance. Failure to patch exposes organizations to data breaches and potential FCA penalties.

Shame score — A critical RCE vulnerability in a widely deployed product that was actively exploited and linked to ransomware.

Players implicated

Microsoft · vendorExchange Server · product

Description

Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.

Affected FedRAMP products 4 in the catalog

ProductProviderStatusMatch
Azure Commercial Cloud Microsoft Authorized vendor-exact · 0.90
Azure Government (includes Dynamics 365) Microsoft Authorized vendor-exact · 0.90
Microsoft Office 365 GCC High Microsoft In Process vendor-exact · 0.90
Office 365 Multi-Tenant & Supporting Services Microsoft Authorized vendor-exact · 0.90