REDLEGG BLOG

Emergency Vulnerability Bulletin - 09/30/22

9/30/22 11:34 AM  |  by RedLegg Blog

Microsoft Exchange Server Server-Side Request Forgery (SSRF) Vulnerability

Identifier: CVE-2022-41040

Exploit or POC: Yes (Actively Being Exploited)

Update: Vendor has not published an update for this vulnerability to date.

Description: CVE-2022-41040 allows an attacker to achieve server-side request forgery. The requests used are comparable in format to those seen with ProxyShell. Authentication is required to exploit this vulnerability successfully. This vulnerability is used in conjunction with CVE-2022-41082 to achieve arbitrary code execution.

Mitigation recommendation: Mitigation steps are listed here: https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/

RedLegg Action: None at this time.

Microsoft Exchange Server Remote Code Execution (RCE) Vulnerability

Identifier: CVE-2022-41082

Exploit or POC: Yes (Actively Being Exploited)

Update: Vendor has not published an update for this vulnerability to date.

Description: CVE-2022-41082 allows remote code execution on Microsoft Exchange Servers. CVE-2022-41082 is directly linked to CVE-2022-41040. Authentication is required for successful exploitation of this vulnerability.

Mitigation recommendation: Mitigation steps are listed here: https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/

RedLegg Action: None at this time.
