Microsoft is investigating two reported zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to the attacker.
At this time, Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users’ systems. In these attacks, CVE-2022-41040 can enable an authenticated attacker to remotely trigger CVE-2022-41082. It should be noted that authenticated access to the vulnerable Exchange Server is necessary to successfully exploit either of the two vulnerabilities.
Read more here and how to mitigate:
Microsoft Exchange Online Customers do not need to take any action.
Related Posts
New Windows 10 vulnerability allows anyone to get admin privileges- PrintNightmare: Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability
How to hide all users in a particular OU in the Global Address List- PrintNightmare: Out-of-band updates ready – patch now!
- Exploit: PrintNightmare
- Exchange: An error occurred while using SSL configuration for endpoint 0.0.0.0:444