NVD disclosure day
CVE-2021-22681
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
Rockwell Automation design software has a flaw allowing unauthorized access to Logix controllers. This affects various Rockwell controllers and could let attackers authenticate with them, posing a business risk to operations.
CVE-2021-27065
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A vulnerability in Microsoft Exchange Server allows for remote code execution, potentially impacting data confidentiality, integrity, and availability. This poses a business risk due to the possibility of attackers gaining control of affected systems and causing service disruptions. Organizations should address this is
CVE-2021-26858
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
Microsoft Exchange Server is affected by a remote code execution vulnerability. This could allow attackers to write arbitrary files to servers, potentially leading to system compromise and data exfiltration. This presents a business risk of unauthorized access and control over affected systems.
CVE-2021-26857
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
Microsoft Exchange Server has a vulnerability that permits unauthorized code execution. This could lead to system compromise and data loss for affected organizations. The business risk is significant, requiring prompt attention to mitigate potential impacts on operations and data security.
CVE-2021-26855
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
Microsoft Exchange Server is vulnerable to a flaw allowing unauthorized access and code execution. This can lead to data compromise and system alteration, posing a significant business risk. Applying vendor updates is crucial for mitigation.