2 New MS Exchange Server 0-Day Bugs Are Exploited By Hackers in Wild – Microsoft

Cybercriminals have exploited two 0-day Exchange Server vulnerabilities in real-life attacks as a result of unpatched Exchange Server zero-day vulnerabilities that have not been patched, as confirmed by Microsoft.

Back in August 2022, the Vietnamese security company GTSC was the first one to discover that Microsoft Exchange had vulnerabilities.

Starting in early August 2022, these two zero-day vulnerabilities had been exploited by the attackers to attack their customers’ environments.

0-Day Vulnerabilities

The two vulnerabilities identified are as follows:-

CVE-2022-41040: It is a Server-Side Request Forgery (SSRF) vulnerability with 8.8 severity score out of 10.CVE-2022-41082: This flaw allows Remote Code Execution (RCE) when PowerShell is accessible to the attacker. And this flaw has achived a score of 6.3 out of 10.

Based on recent reports, Microsoft is aware of a limited number of targeted attacks used to breach users’ systems by exploiting these vulnerabilities.

In order to exploit either of the two vulnerabilities successfully, an attacker would need to have access to an Exchange Server that is vulnerable.

Microsoft Exchange Server 2013, 2016, and 2019 are all affected by these vulnerabilities which have an impact on on-premises deployments.

By exploiting these vulnerabilities successfully, hackers are able to accomplish the following things:- 

Infiltrate the victim’s computer systemObtain a web shell and install itTravel in a sideways direction through the compromised network

While apart from this, Microsoft has claimed that they are steadily working to release a fix as soon as possible. However, there are protections built into Microsoft Exchange Online that enable customers to be protected from risks like these.

To ensure

Read more

Explore the site

More from the blog

Latest News