CVE-2021-34523: Microsoft Exchange Server Privilege Escalation

Microsoft Exchange Server Privilege Escalation Vulnerability. Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.

• CISA KEV-listed (remediation due 2021-11-17)
• used in ransomware campaigns
• EPSS 94.0% (99.9% percentile)

Related briefings

• CISA #StopRansomware: Hive Ransomware Claims 1,300+ Victims and $100M in Payments Targeting Healthcare and Critical Infrastructure 2026-02-16

Browse the CVE database

Read the full analysis on IntelFusions