CVE-2022-41040

high

Description

Microsoft Exchange Server Elevation of Privilege Vulnerability

From the Tenable Blog

CVE-2022-41040 and CVE-2022-41082: ProxyShell Variant Exploited in the Wild

Published: 2022-09-30

Microsoft has confirmed reports of two zero-day vulnerabilities in Microsoft Exchange Server that have been exploited in the wild. Patches are not yet available.

References

https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/

https://www.kb.cert.org/vuls/id/915563

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a

https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-352a

https://www.microsoft.com/en-us/security/blog/2023/06/14/cadet-blizzard-emerges-as-a-novel-and-distinct-russian-threat-actor/

https://www.mandiant.com/resources/blog/zero-days-exploited-2022

https://www.tenable.com/cyber-exposure/tenable-2022-threat-landscape-report

https://www.tenable.com/blog/microsofts-feb-2024-patch-tuesday-cve-2024-21351-cve-2024-21412

https://www.tenable.com/blog/proxynotshell-owassrf-tabshell-patch-your-microsoft-exchange-servers-now

https://www.tenable.com/blog/microsofts-october-2022-patch-tuesday-addresses-84-cves-cve-2022-41033

https://www.tenable.com/blog/cve-2022-41040-and-cve-2022-41082-proxyshell-variant-exploited-in-the-wild

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41040

Details

Source: Mitre, NVD

Published: 2022-10-03

Updated: 2025-02-24

Named Vulnerability: ProxyNotShellKnown Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H