CVE-2023-21529
Microsoft Exchange Server Remote Code Execution Vulnerability
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- December 01, 2022
- Published Date
- February 14, 2023
- Last Updated
- April 14, 2026
- Vendor
- Microsoft
- Product
- Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 23
- Description
- Microsoft Exchange Server Remote Code Execution Vulnerability
- Tags
- Exploitation
- active
- Technical Impact
- total
- Exploited in the Wild
- Yes (2026-06-01 13:07:10 UTC) Source
cisa
CVSS Scores
CVSS v3.1
8.8 - HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
SSVC Information
Exploit Status
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CVE | 2026-06-01 13:07:10 UTC |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel