NVD disclosure day
CVE-2021-35211
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A remote code execution vulnerability in SolarWinds Serv-U allows attackers to gain privileged access to affected systems. This impacts organizations using Serv-U for file transfers, creating a risk of unauthorized system control and data compromise.
CVE-2021-34523
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
This vulnerability in Microsoft Exchange Server allows an attacker with local access to gain elevated privileges. Affected organizations face business risks including unauthorized access to sensitive data and potential disruption to operations. Applying vendor-provided updates is recommended to mitigate this risk.
CVE-2021-34473
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
Microsoft Exchange Server has a vulnerability allowing remote code execution. This could permit attackers to access and control affected systems, potentially compromising sensitive data and disrupting business operations. The risk to affected organizations is significant due to the external exposure and unauthenticated
CVE-2021-33771
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A Windows Kernel privilege escalation vulnerability affects affected organizations. This flaw allows local attackers to gain elevated control of systems, posing a risk of unauthorized data access and operational disruption.
CVE-2021-33766
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
Microsoft Exchange Server has an information disclosure vulnerability. This may allow an unauthenticated attacker to access sensitive email traffic. Organizations should address this to protect data confidentiality.
CVE-2021-31979
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in the Windows Kernel allows an attacker with local access to elevate privileges, potentially leading to unauthorized data access and system control. This impacts organizations by increasing the risk of data compromise and unauthorized system modifications. Applying vendor security updates is recommende
CVE-2021-31196
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Microsoft Exchange Server allows attackers to execute remote code. This impacts organizations using the platform, potentially compromising data and disrupting operations. Exploitation requires authenticated access, posing a business risk.