CVE-2021-27065

ENISA EUVD: EUVD-2021-13836 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 14 articles Published: 2021-03-02

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

94.16%

probability

This CVE has a 94.16% probability of being exploited in the next 30 days.

0% Top 99.9th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

7.8

HIGH

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Functional

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

CVSS v2 (legacy)

6.8

MEDIUM

Access Vector

Network

Access Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Description

NVD

Microsoft Exchange Server Remote Code Execution Vulnerability

Affected Products

Microsoft

Microsoft Exchange Server 2019

15.02.0

Microsoft

Microsoft Exchange Server 2013 Cumulative Update 22

15.00.0

Microsoft

Microsoft Exchange Server 2019 Cumulative Update 2

15.02.0

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 13

15.01.0

Microsoft

Microsoft Exchange Server 2013 Cumulative Update 23

15.00.0

microsoft

exchange server

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 18

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 12

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2019 Cumulative Update 8

15.02.0 <publication

Microsoft

Microsoft Exchange Server 2019 Cumulative Update 3

15.02.0 <publication

Microsoft

Microsoft Exchange Server 2019 Cumulative Update 4

15.02.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 13

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2019 Cumulative Update 5

15.02.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 16

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 14

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2013 Service Pack 1

15.00.0 <publication

Microsoft

Microsoft Exchange Server 2019 Cumulative Update 6

15.02.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 8

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2013 Cumulative Update 22

15.00.0 <publication

Microsoft

Microsoft Exchange Server 2019 Cumulative Update 1

15.02.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 15

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 9

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2019 Cumulative Update 2

15.02.0 <publication

Microsoft

Microsoft Exchange Server 2019 Cumulative Update 7

15.02.0 <publication

Microsoft

Microsoft Exchange Server 2013 Cumulative Update 23

15.00.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 10

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 17

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 19

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2016 Cumulative Update 11

15.01.0 <publication

Microsoft

Microsoft Exchange Server 2019

15.02.0 <publication

Microsoft

Microsoft Exchange Server 2013 Cumulative Update 21

15.00.0 <publication

Attack Intelligence

CWE-22 · Path Traversal CWE-664 · Improper Control of a Resource Through its Lifetime CWE-706 · Use of Incorrectly-Resolved Name or Reference

Google Project Zero

Patched

March 2, 2021

Reported by

Volexity, Orange Tsai from DEVCORE research team, and Microsoft Threat Intelligence Center (MSTIC)

Root Cause Analysis

???

Exploits & PoC

adamrpostjr/cve-2021-27065

Quick One Line Powershell scripts to detect for webshells, possible zips, and logs.

11 2021-03-09

1 repo — triés par ⭐ Rechercher sur GitHub ↗

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27065

x_refsource_MISC

http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html

x_refsource_MISC

http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html

x_refsource_MISC

Signal Intelligence

Confidenceⓘ

85%

EPSS 94.16%

CVSS v3.1 7.8

Mentions 14

Last Seen Jul 18, 2023

CNA Information

CNA Assigner

microsoft

CNA Title

Microsoft Exchange Server Remote Code Execution Vulnerability

Analyst Note

CVE-2021-27065 is confirmed as a zero-day RCE vulnerability in Microsoft Exchange Server with HIGH severity (CVSS 7.8) and inclusion in Google Project Zero, indicating credible security research validation. The CERT-EU security advisory corroborates the vulnerability's existence and active exploitation risk, though limited public documentation currently exists.