{"id":83353,"date":"2022-10-01T01:56:07","date_gmt":"2022-10-01T01:56:07","guid":{"rendered":"https:\/\/harchi90.com\/urgent-microsoft-exchange-double-zero-day-like-proxyshell-only-different-naked-security\/"},"modified":"2022-10-01T01:56:07","modified_gmt":"2022-10-01T01:56:07","slug":"urgent-microsoft-exchange-double-zero-day-like-proxyshell-only-different-naked-security","status":"publish","type":"post","link":"https:\/\/harchi90.com\/urgent-microsoft-exchange-double-zero-day-like-proxyshell-only-different-naked-security\/","title":{"rendered":"URGENT! Microsoft Exchange double zero-day \u2013 \u201clike ProxyShell, only different\u201d \u2013 Naked Security"},"content":{"rendered":"
Just when you hoped the week would quieten down and yield you some SecOps downtime over the weekend\u2026<\/p>\n
\u2026and along comes a brand new zero-day hole in Microsoft Exchange!<\/p>\n
more precisely, two zero-days <\/strong>that can apparently be chained together, with the first bug used remotely to open enough of a hole to trigger the second bug, which potentially allows remote code execution (RCE) on the Exchange server itself.<\/p>\n Microsoft quickly published official guidance about these vulnerabilities, summarising the situation as follows:<\/p>\n Microsoft is investigating two reported zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. The first vulnerability, identified as CVE-2022-41040<\/strong>is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082<\/b>allows remote code execution (RCE) when PowerShell is accessible to the attacker. <\/p>\n At this time, Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users’ systems. In these attacks, CVE-2022-41040 can enable an authenticated attacker to remotely trigger CVE-2022-41082. It should be noted that authenticated access to the vulnerable Exchange Server is necessary to successfully exploit either of the two vulnerabilities.<\/p>\n<\/blockquote>\n As far as we can see, there are two silver linings here:<\/p>\n\n
\n