CVE-2021-26855: ProxyLogon

Score: 9.8
CRITICAL
Published: 2021-03-02Affected: Microsoft Exchange Server 2013/2016/2019CWE-918 β†—

What is ProxyLogon?

A server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server that allows unauthenticated attackers to send arbitrary HTTP requests and authenticate as the Exchange server. Part of a chain enabling full server compromise.

Impact & Exploitation

Exploited by HAFNIUM (Chinese state actor) to compromise 250,000+ Exchange servers globally. Led to mass deployment of web shells for persistent access.

Related Resources

πŸ” Related CWE Entries

πŸ“‹ OWASP Top 10

πŸ“– Security Guides

πŸ”— External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS9.8
SeverityCRITICAL
CWECWE-918
Published2021-03-02

Tags

exchangessrfzero-daynation-state

Quick Links

Is your system affected?

Precogs AI detects ProxyLogon in compiled binaries and firmware β€” even without source code.

Request Deep Analysis

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2021-26855 ProxyLogon don’t just exist in source code β€” they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack β€” even when source code isn’t available.

Request Deep AnalysisBook a demo