Critical active threat
CVE-2021-31196 Microsoft Exchange Server Information Disclosure
- Actively exploited (CISA KEV)
- Listed on CISA KEV
- Enterprise mail systems at risk
Microsoft Exchange Server RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.