Attackers are leveraging two zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) to breach Microsoft Exchange servers.
News of the attacks broke on Wednesday, when researchers with Vietnamese cybersecurity company GTSC released a warning saying that, “while providing SOC service to a customer, GTSC Blueteam detected exploit requests in IIS logs with the same format as ProxyShell vulnerability.”
About the vulnerabilities (CVE-2022-41040, CVE-2022-41082)
CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability, and CVE-2022-41082 allows remote code execution when PowerShell is accessible to the attacker, Microsoft explained.