Four zero-day vulnerabilities in Microsoft Exchange were found by researchers. These vulnerabilities allow for the remote execution of arbitrary code or the disclosure of private data on susceptible installations. As per its responsible disclosure policy, ZDI chose to make the vulnerability publicly known.
Four zero-day vulnerabilities in Microsoft Exchange were discovered by Trend Micro’s Zero Day Initiative (ZDI). These vulnerabilities allow an authenticated attacker to remotely execute arbitrary code or reveal sensitive data on affected setups.x000D The vulnerabilities were discovered by Trend Micro’s Zero Day Initiative (ZDI) and submitted to Microsoft on September 7th and 8th, 2023. Although the IT behemoth acknowledged the vulnerabilities, it has not yet addressed them.