cve_2024_21410_ms_exchange_servers

1. #!/usr/bin/env python3
2. # -*- coding: utf-8 -*-
3. # Filename: cve_2024_21410_ms_exchange_servers.py
4. # Version: 1.0.0
5. # Author: Jeoi Reqi
6. # Vulnerability Source: https://nvd.nist.gov/vuln/detail/CVE-2024-21410
7.  
8. """
9. Description:
10. This script checks for the presence of vulnerable software configurations on the user's machine in relation to the CVE-2024-21410 vulnerability.
11. It compares the list of installed software on the system with a predefined list of vulnerable software configurations associated with the CVE.
12. If any vulnerable software configurations are found, it displays a warning message to prompt the user to take immediate action to mitigate the vulnerability.
13.  
14. Requirements:
15. - Python 3.x: The script is written in Python 3 and requires a Python interpreter of version 3 or higher to run.
16. - WMI Module: The script uses the WMI module to interact with the Windows Management Instrumentation (WMI) API
17.  to retrieve a list of installed software on a Windows system. Ensure that the WMI module is installed.
18.  You can install it using pip: `pip install WMI`.
19.  
20. Usage:
21. 1. Ensure Python 3.x is installed on your system.
22. 2. Install the WMI module by running `pip install WMI`.
23. 3. Run the script using the command `python cve_2024_21410.py`.
24. 4. The script will verify if any vulnerable software configurations are installed on your machine and
25.   provide instructions for mitigation if necessary.
26.  
27. Functions:
28. - get_installed_software(): Retrieves a list of installed software on the user's machine using the WMI module.
29. - check_for_vulnerabilities(): Compares the list of installed software with a predefined list of vulnerable
30.  software configurations and displays a warning message if any vulnerable software configurations are found.
31.  
32. Important Notes:
33. - The predefined list of vulnerable software configurations in this script corresponds to the CVE-2024-21410 vulnerability.
34. - The script only supports Windows systems due to its dependency on the WMI module for retrieving installed software information.
35. """
36.  
37. import wmi
38.  
39. # List of vulnerable software configurations
40. vulnerable_software = [
41.     "Microsoft Exchange Server 2016 (Cumulative Update 23)",
42.     "Microsoft Exchange Server 2019 (Cumulative Update 13)",
43.     "Microsoft Exchange Server 2019 (Cumulative Update 14)"
44. ]
45.  
46. def get_installed_software():
47.     """
48.    Retrieves a list of installed software on the user's machine using the WMI module.
49.    
50.    Returns:
51.        list: A list containing the names of installed software.
52.    """
53.     c = wmi.WMI()
54.     installed_software = []
55.     for item in c.Win32_Product():
56.         installed_software.append(item.Caption)
57.     return installed_software
58.  
59. def check_for_vulnerabilities():
60.     """
61.    Compares the list of installed software with a predefined list of vulnerable software configurations
62.    and displays a warning message if any vulnerable software configurations are found.
63.    """
64.     installed_software = get_installed_software()
65.     vulnerable_installed = [software for software in installed_software if software in vulnerable_software]
66.     if vulnerable_installed:
67.         print("\nWarning:\nThe following vulnerable software configurations are installed on your machine:")
68.         for software in vulnerable_installed:
69.             print("- " + software)
70.         print("\nPlease take immediate action to mitigate the vulnerability by following the vendor's instructions or...\ndiscontinuing the use of affected products if mitigations are not available.\n")
71.     else:
72.         print("\nAll clear!\nNone of the vulnerable software configurations are installed on your machine.\n")
73.  
74. if __name__ == "__main__":
75.     print("Verifying vulnerable software configurations...")
76.     check_for_vulnerabilities()
77.  
78.