Categories: Latest Cyber News

Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082)

Attackers are leveraging two zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) to breach Microsoft Exchange servers. News of the attacks broke on Wednesday, when researchers with Vietnamese cybersecurity company GTSC released a warning saying that, “while providing SOC service to a customer, GTSC Blueteam detected exploit requests in IIS logs with the same format as ProxyShell vulnerability.” About the vulnerabilities (CVE-2022-41040, CVE-2022-41082) CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability and CVE-2022-41082 allows remote code execution when PowerShell … More

The post Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082) appeared first on Help Net Security.


Hey there, thanks for visiting our page. Listen, we get it, the information above may not be enough for you, and that's probably because the article originated somewhere else on the internet. So if you yearn for more reading, you can find the original write up HERE

«
»
Other cyber news you might have missed: