According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server? Yes, the attacker must be authenticated with LAN-access and have credentials for a valid Exchange user. According to the CVSS metric, successful exploitation of this vulnerability could lead to total loss of confidentiality (C:H), integrity (I:H), and availability (A:H). What does that mean for this vulnerability? An attacker who successfully exploits this vulnerability could perform a remote attack that could enable access to the victim's information and the ability to alter information. Successful exploitation could also potentially cause downtime for the targeted environment. How could an attacker exploit this vulnerability? An attacker could exploit the vulnerability by leveraging the known (Type 4) UnitySerializationHolder gadget through a deserialization of untrusted data. Exploitation of this vulnerability requires that a user gain LAN-access as well as obtain credentials for a valid Exchange user. What updates do I need to install to be protected from this vulnerability? Customers need to install the August 2023 Exchange security updates which are listed in the Security Updates table. Customers who have already August 2023 security updates are already protected from this vulnerability. Is there more information available? Yes, please see September 2023 release of new Exchange Server CVEs for more information.
Maturity: Exploit
Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative