CVE-2022-41082 (GCVE-0-2022-41082)

Vulnerability from cvelistv5 – Published: 2022-10-03 00:00 – Updated: 2025-10-21 23:15
Title
Microsoft Exchange Server Remote Code Execution Vulnerability
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
SSVC
Exploitation: active Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • Remote Code Execution
  • CWE-502 - Deserialization of Untrusted Data
Assigner
Date Public
2022-09-30 07:00
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant

Vulnerability ID: CVE-2022-41082

Status: Confirmed

Status Updated: 2022-09-30 00:00 UTC

Exploited: Yes


Timestamps
First Seen: 2022-09-30
Asserted: 2022-09-30

Scope
Notes: KEV entry: Microsoft Exchange Server Remote Code Execution Vulnerability | Affected: Microsoft / Exchange Server | Description: Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution. | Required action: Apply updates per vendor instructions. | Due date: 2022-10-21 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/; https://nvd.nist.gov/vuln/detail/CVE-2022-41082

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev


Details
Cwes CWE-502
Feed CISA Known Exploited Vulnerabilities Catalog
Product Exchange Server
Due Date 2022-10-21
Date Added 2022-09-30
Vendorproject Microsoft
Vulnerabilityname Microsoft Exchange Server Remote Code Execution Vulnerability
Knownransomwarecampaignuse Known

References

Created: 2026-02-02 13:25 UTC | Updated: 2026-02-06 07:53 UTC
Shadowserver
Known Exploited Vulnerability - GCVE BCP-07 Compliant

Vulnerability ID: CVE-2022-41082

Status: Confirmed

Status Updated: 2025-02-15 00:00 UTC

Exploited: Yes


Characteristics
Severity: 88.0

Timestamps
First Seen: 2023-10-13
Asserted: 2023-10-13
Last Seen: 2025-02-15

Scope
Asset Exposure: ['internet-facing']
Notes: Affected: Microsoft / Exchange | Class: email | Severity: High (CVSS 8.8) | IoT: no | In CISA KEV: yes | Honeypot connections on 2025-02-15: 803

Evidence

Type: Honeypot

Signal: In The Wild Attempts

Confidence: 70%

Source: shadowserver


Details
1D 190
Iot no
Feed Shadowserver Foundation honeypot/exploited-vulnerabilities
Type http-scan
Class email
7D Avg 79
Vendor Microsoft
30D Avg 72
90D Avg 66
Product Exchange
Cisa Kev yes
Connections 803
Observation Date 2025-02-15
Vulnerability Class CVSS
Vulnerability Score 8.8
Vulnerability Severity High

References

Created: 2026-07-01 07:16 UTC | Updated: 2026-07-01 13:14 UTC
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant

Vulnerability ID: CVE-2022-41082

Status: Confirmed

Status Updated: 2022-09-30 00:00 UTC

Exploited: Yes


Timestamps
First Seen: 2022-09-30
Asserted: 2022-09-30

Scope
Notes: KEVIntel entry: Microsoft Exchange Server Remote Code Execution Vulnerability | Affected: Microsoft / Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 23 | CVSS: 8.0 (HIGH) | EPSS: 0.99964 | Used in malware: yes | Not yet in CISA KEV: False

Evidence

Type: Public Report

Signal: Confirmed Compromise

Confidence: 70%

Source: kevintel


Details
Feed KEVIntel (kevintel.com)
Title Microsoft Exchange Server Remote Code Execution Vulnerability
Vendor Microsoft
Product Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2016 Cumulative Update 23
Added Date 2022-09-30T00:00:00.000Z
Cvss Score 8.0
Epss Score 0.99964
Cvss Severity HIGH
Epss Percentile 0.99976
Used In Malware yes
Ahead Of Cisa Kev None
Not Yet In Cisa Kev False

References

Created: 2026-06-23 11:14 UTC | Updated: 2026-06-23 11:14 UTC
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-03-07T16:08:48.794Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2022-41082-microsoft-exchange-server-remote-code-execution-vulnerability-detection-script"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2022-41082-microsoft-exchange-server-remote-code-execution-vulnerability-mitigation-script"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41082"
          },
          {
            "name": "VU#915563",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/915563"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-41082",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T17:55:49.337641Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-09-30",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-41082"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-502",
                "description": "CWE-502 Deserialization of Untrusted Data",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:33.797Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-41082"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-09-30T00:00:00.000Z",
            "value": "CVE-2022-41082 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2013 Cumulative Update 23",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.00.1497.044",
              "status": "affected",
              "version": "15.00.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2016 Cumulative Update 22",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.01.2375.037",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2019 Cumulative Update 11",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.02.0986.036",
              "status": "affected",
              "version": "15.02.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2019 Cumulative Update 12",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.02.1118.020",
              "status": "affected",
              "version": "15.02.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2016 Cumulative Update 23",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.01.2507.016",
              "status": "affected",
              "version": "15.01.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_23:*:*:*:*:*:*",
                  "versionEndExcluding": "15.00.1497.044",
                  "versionStartIncluding": "15.00.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_22:*:*:*:*:*:*",
                  "versionEndExcluding": "15.01.2375.037",
                  "versionStartIncluding": "15.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_11:*:*:*:*:*:*",
                  "versionEndExcluding": "15.02.0986.036",
                  "versionStartIncluding": "15.02.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_12:*:*:*:*:*:*",
                  "versionEndExcluding": "15.02.1118.020",
                  "versionStartIncluding": "15.02.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_23:*:*:*:*:*:*",
                  "versionEndExcluding": "15.01.2507.016",
                  "versionStartIncluding": "15.01.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2022-09-30T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-11T16:10:49.607Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft Exchange Server Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082"
        }
      ],
      "title": "Microsoft Exchange Server Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2022-41082",
    "datePublished": "2022-10-03T00:00:00.000Z",
    "dateReserved": "2022-09-19T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:15:33.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2022-41082",
      "cwes": "[\"CWE-502\"]",
      "dateAdded": "2022-09-30",
      "dueDate": "2022-10-21",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/;  https://nvd.nist.gov/vuln/detail/CVE-2022-41082",
      "product": "Exchange Server",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed \"ProxyNotShell,\" this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability"
    },
    "epss": {
      "cve": "CVE-2022-41082",
      "date": "2026-07-01",
      "epss": "0.99964",
      "percentile": "0.99975"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-41082\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2022-10-03T01:15:08.843\",\"lastModified\":\"2026-06-17T05:02:33.460\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Exchange Server Remote Code Execution Vulnerability\"},{\"lang\":\"es\",\"value\":\"Una Vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota en Microsoft Exchange Server\"}],\"affected\":[{\"source\":\"secure@microsoft.com\",\"affectedData\":[{\"vendor\":\"Microsoft\",\"product\":\"Microsoft Exchange Server 2013 Cumulative Update 23\",\"platforms\":[\"x64-based Systems\"],\"versions\":[{\"version\":\"15.00.0\",\"lessThan\":\"15.00.1497.044\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Microsoft\",\"product\":\"Microsoft Exchange Server 2016 Cumulative Update 22\",\"platforms\":[\"x64-based Systems\"],\"versions\":[{\"version\":\"15.0.0\",\"lessThan\":\"15.01.2375.037\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Microsoft\",\"product\":\"Microsoft Exchange Server 2019 Cumulative Update 11\",\"platforms\":[\"x64-based Systems\"],\"versions\":[{\"version\":\"15.02.0\",\"lessThan\":\"15.02.0986.036\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Microsoft\",\"product\":\"Microsoft Exchange Server 2019 Cumulative Update 12\",\"platforms\":[\"x64-based Systems\"],\"versions\":[{\"version\":\"15.02.0\",\"lessThan\":\"15.02.1118.020\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Microsoft\",\"product\":\"Microsoft Exchange Server 2016 Cumulative Update 23\",\"platforms\":[\"x64-based Systems\"],\"versions\":[{\"version\":\"15.01.0\",\"lessThan\":\"15.01.2507.016\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.1,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-02-04T17:55:49.337641Z\",\"id\":\"CVE-2022-41082\",\"options\":[{\"exploitation\":\"active\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"cisaExploitAdd\":\"2022-09-30\",\"cisaActionDue\":\"2022-10-21\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Microsoft Exchange Server Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA166F2A-D83B-4D50-AD0B-668D813E0585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*\",\"matchCriteriaId\":\"449CE85B-E599-44D3-A7C1-5133F6A55E86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF76AEDA-E574-40ED-B64F-8FDEF8CAC802\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"435343A4-BF10-461A-ABF2-D511A5FBDA75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B23C8E3E-5243-4DA6-B9AA-F6053084B55E\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41082\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/915563\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2022-41082-microsoft-exchange-server-remote-code-execution-vulnerability-detection-script\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2022-41082-microsoft-exchange-server-remote-code-execution-vulnerability-mitigation-script\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-41082\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2022-41082-microsoft-exchange-server-remote-code-execution-vulnerability-detection-script\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2022-41082-microsoft-exchange-server-remote-code-execution-vulnerability-mitigation-script\"}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41082\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/915563\", \"name\": \"VU#915563\", \"tags\": [\"third-party-advisory\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/\", \"tags\": [\"x_transferred\"]}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-03-07T16:08:48.794Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-41082\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T17:55:49.337641Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-09-30\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-41082\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-09-30T00:00:00.000Z\", \"value\": \"CVE-2022-41082 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-41082\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502 Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T17:55:32.763Z\"}}], \"cna\": {\"title\": \"Microsoft Exchange Server Remote Code Execution Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2013 Cumulative Update 23\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.00.0\", \"lessThan\": \"15.00.1497.044\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2016 Cumulative Update 22\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.0.0\", \"lessThan\": \"15.01.2375.037\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 11\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.02.0\", \"lessThan\": \"15.02.0986.036\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 12\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.02.0\", \"lessThan\": \"15.02.1118.020\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2016 Cumulative Update 23\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.01.0\", \"lessThan\": \"15.01.2507.016\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2022-09-30T07:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082\", \"name\": \"Microsoft Exchange Server Remote Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Microsoft Exchange Server Remote Code Execution Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"Impact\", \"description\": \"Remote Code Execution\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_23:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"15.00.1497.044\", \"versionStartIncluding\": \"15.00.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_22:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"15.01.2375.037\", \"versionStartIncluding\": \"15.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_11:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"15.02.0986.036\", \"versionStartIncluding\": \"15.02.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_12:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"15.02.1118.020\", \"versionStartIncluding\": \"15.02.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_23:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"15.01.2507.016\", \"versionStartIncluding\": \"15.01.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2025-03-11T16:10:49.607Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-41082\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:15:33.797Z\", \"dateReserved\": \"2022-09-19T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2022-10-03T00:00:00.000Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…