InfoSecBulletin Cybersecurity for mankind
A lot number of microsoft Exchange email servers in Europe, the United States, and Asia are at risk because they are accessible on the public internet. These servers are using an old and unsupported version of the software, which makes them vulnerable to multiple security issues, including some that are very serious.
The ShadowServer Foundation found 20,000 Microsoft Exchange servers that have reached the end-of-life stage are still accessible online. Most of these servers are in Europe, but there are also many in North America and Asia.
CISA warns of increasing risk tied to Oracle legacy Cloud leak
CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App
Apple released emergency security updates for 2 zero-day vulns
Oracle Released Patched for 378 flaws for April 2025
CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild
Bengaluru firm got ransomware attack, Hacker demanded $70,000
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today
PwC exits more than a dozen countries in push to avoid scandals: FT reports
Australian Cyber Security Centre Alert for Fortinet Products
Top 10 Malware Threats of the Week: Reports ANY.RUN
ShadowServer’s statistics may not show the complete situation. Macnica security researcher Yutaka Sejiyama discovered that there are 30,000 Microsoft Exchange servers that are no longer supported. Sejiyama’s scans on Shodan revealed that these unsupported servers include versions such as Exchange Server 2007, Exchange Server 2010, and most instances of Exchange Server 2013.
Outdated Exchange servers found by ShadowServer and Sejiyama have many vulnerabilities that allow remote code execution. An important security problem is ProxyLogon (CVE-2021-26855) which, when combined with another bug (CVE-2021-27065), allows remote code execution. Sejiyama’s analysis shows that around 1,800 vulnerable Exchange systems are exposed to ProxyLogon, ProxyShell, or ProxyToken vulnerabilities.
Organizations have taken steps to deal with these vulnerabilities, but it’s important to know that these measures are not enough. Microsoft advises companies to prioritize updating servers connected to external networks. If servers are no longer supported, upgrading to a version that still receives security updates is the only viable option.
Organizations must act immediately to address the ongoing exploitation of these vulnerabilities and the large number of exposed servers. They should secure their Exchange servers and ensure they are using supported and updated software versions. This will help protect sensitive data and minimize risks.
