KEV · Actively exploited
CVE-2024-21410
CRITICAL 9.8
KEV
Microsoft Exchange Server Elevation of Privilege Vulnerability
EPSS
6.15%
above median
percentile 91.0%
CISA Known Exploited Vulnerability
- Added to KEV
- 2024-02-15
- Remediation deadline
- 2024-03-07
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Ransomware
- No