The vulnerability, dubbed ProxyToken, allows a remote attacker to circumvent authentication and change the backend settings of an Exchange email server.
The ProxyToken vulnerability was discovered by Le Xuan Tuyen, a Vietnamese security researcher at VNPT ISC, and could be used to secretly add an email forwarding rule to a user's inbox, causing all emails intended for the victim to be forwarded to an account controlled by the attacker.
According to Le, the vulnerability, which was reported through the Zero-Day Initiative program, results from two flaws in the Exchange code. Le claims that combining the two makes a ProxyToken attack possible, allowing attackers to access any section of the Exchange backend.
To Read More: The Record