
CVE-2024-21410

Severity: Critical | CISA KEV | Active Exploitation | EUVD Exploited

Published: 13 February 2024
Modified: 28 October 2025
KEV Added: 15 February 2024
Patch: available (see Microsoft Security Response Center guidance)
CVSS Score (v3.1): 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0614 (91.0th percentile)
Risk Priority: 43 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-21410 is a critical-severity Improper Authentication (CWE-287) vulnerability in Microsoft Exchange Server. Its CVSS base score is 9.8 (Critical).

Operationally, this CVE ranks in the top 9.0% of all CVEs by exploit likelihood (EPSS), and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).

Deeper analysis

Microsoft Exchange Server contains an elevation of privilege vulnerability tracked as CVE-2024-21410. The flaw carries a CVSS 3.1 base score of 9.8 and is associated with CWE-287, indicating improper authentication handling that can be reached over the network without credentials or user interaction.

An unauthenticated attacker can send specially crafted requests to an affected Exchange server and obtain elevated privileges, resulting in full compromise of confidentiality, integrity, and availability on the target system.

Microsoft has published guidance and patches through its Security Response Center, while CISA lists the vulnerability in its Known Exploited Vulnerabilities catalog, confirming that remediation should follow the vendor’s update instructions.

EPSS for the CVE rose from lower values to a peak of 0.1069 on 2024-12-09 before receding to the current 0.0614, indicating increased exploitation interest several months after disclosure.

EU & UK References

Vulnerability details

Microsoft Exchange Server Elevation of Privilege Vulnerability

CWE(s): CWE-287 (Improper Authentication)
KEV Date Added: 15 February 2024

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Microsoft Exchange Server 2016, 2019

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

AC-3 Access Enforcement (prevent): Directly enforces authentication decisions before granting any privileges on Exchange, blocking the unauthenticated elevation path in CVE-2024-21410.

IA-2 Identification and Authentication (Organizational Users) (prevent): Requires successful identification and authentication of organizational users prior to allowing access, directly countering the CWE-287 improper authentication flaw.

Security update application (prevent): Mandates timely application of security updates that remediate the Exchange authentication bypass, eliminating the exploitable vulnerability.

References