CVE-2021-26857
Published Mar 3, 2021
Last updated a month ago
AI description
CVE-2021-26857 is an insecure deserialization vulnerability that exists within the Microsoft Exchange Unified Messaging service. Exploiting this vulnerability could allow an attacker to execute code as SYSTEM on the Exchange server. To exploit this vulnerability, an attacker would need administrator privileges or would need to exploit another vulnerability first to authenticate to the vulnerable Exchange Server. One way this could be achieved is by exploiting CVE-2021-26855, a server-side request forgery (SSRF) vulnerability.
- Description: Microsoft Exchange Server Remote Code Execution Vulnerability
- Source: secure@microsoft.com
- NVD status: Analyzed
- Products: exchange_server
CVSS 3.1
- Type: Secondary
- Base score: 7.8
- Impact score: 5.9
- Exploitability score: 1.8
- Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity: HIGH
CVSS 2.0
- Type: Primary
- Base score: 6.8
- Impact score: 6.4
- Exploitability score: 8.6
- Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P
Data from CISA
- Vulnerability name: Microsoft Exchange Server Remote Code Execution Vulnerability
- Exploit added on: Nov 3, 2021
- Exploit action due: Apr 16, 2021
- Required action: Apply updates per vendor instructions.
- Hype score: Not currently trending
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2025-61882 (Oracle E-Busine..) +191397.67% - CVE-2021-27878 (Veritas Veritas..) +167.85% - CVE-2021-27877 (Veritas Veritas..) +151.55% - CVE-2021-27102 (Accellion File ..) +38.22% - CVE-2021-26857 (Exchang
@DefusedCyber
20 Oct 2025
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2025-61882 (Oracle E-Busine..) +184037.21% - CVE-2021-26857 (Exchange On-Pre..) +384.58% - CVE-2021-27878 (Veritas Veritas..) +202.15% - CVE-2021-27877 (Veritas Veritas..) +183.71% - CVE-2021-27102 (Accell
@DefusedCyber
13 Oct 2025
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2021-26857 (Exchange On-Pre..) +210.76% - CVE-2022-26500 (Veeam Backup & ..) +24.70% - CVE-2023-27532 (Veeam Backup & ..) +17.62% - CVE-2022-41352 (Zimbra Zimbra C..) +16.52% - CVE-2019-5591 (Forti
@DefusedCyber
29 Sept 2025
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2021-26857 (Exchange On-Pre..) +210.76% - CVE-2022-26500 (Veeam Backup & ..) +24.70% - CVE-2015-2291 (IQVW32.sys (BYO..) +22.80% - CVE-2023-27532 (Veeam Backup & ..) +17.62% - CVE-2021-27876 (Verit
@DefusedCyber
22 Sept 2025
Ransomware vulns with highest exploit likelihood ⬆️ (past 30d): - CVE-2025-53770 (SharePoint..) +86627.50% - CVE-2019-5591 (FortiOS..) +44.14% - CVE-2021-26857 (Exchange On-Pre..) +32.05% - CVE-2024-42057 (Zyxel Firewall..) +29.73% - CVE-2021-27101 (Accellion File ..) +23.48
@DefusedCyber
11 Aug 2025
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E5EA9AD-1E84-4AB5-A1EF-3B9F2AC84755"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_22:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "751FD35F-2ECD-4B75-9589-988CC6AD3058"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA166F2A-D83B-4D50-AD0B-668D813E0585"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2013:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C21F84B-E99C-451D-9EAF-6352FD2B0EAF"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63E362CB-CF75-4B7E-A4B1-D6D84AFCBB68"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BE04790-85A2-4078-88CE-1787BC5172E7"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCF101BE-27FD-4E2D-A694-C606BD3D1ED7"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DF5BDB5-205D-4B64-A49A-0152AFCF4A13"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55284CF7-0D04-4216-83FE-4B1F9CA94207"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA2CE223-AA49-49E6-AC32-59270EFF55AD"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4830D6A9-AF74-480C-8F69-8648CD619980"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "079E1E3F-FF25-4B0D-AC98-191D6455A014"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29805EC7-6403-44B9-91EC-109C087E98EB"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28FCA0E8-7D27-4746-9731-91B834CA3E64"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "075E907F-AF2F-4C31-86C7-51972BE412A1"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69AF19DC-3D65-49A8-A85F-511085CDF27B"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40D8A6DB-9225-4A3F-AD76-192F6CCCF002"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "051DE6C4-7456-4C42-BC51-253208AADB4E"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE320413-D2C9-4B28-89BF-361B44A3F0FF"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "104F96DC-E280-4E0A-8586-B043B55888C2"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73B3B3FE-7E85-4B86-A983-2C410FFEF4B8"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A9FB275-7F17-48B2-B528-BE89309D2AF5"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4AB3C25-CEA8-4D66-AEE4-953C8B17911A"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36CE5C6D-9A04-41F5-AE7C-265779833649"
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44ECF39A-1DE1-4870-A494-06A53494338D"
}
],
"operator": "OR"
}
]
}
]