Microsoft Exchange Server Remote Code Execution Vulnerability

One high*-severity Microsoft Exchange Server remote code execution vulnerability with a CVSS 3.1 score of 8.8 has been disclosed.

An attacker who successfully exploits this vulnerability can run arbitrary code in the context of the system user. Exploitation requires that an authenticated user holding a certain Exchange role be compromised. Although no exploit for this vulnerability has been discovered, its severity makes it highly recommended to download the following patches to keep systems and assets safe. (The analysis by NIST is still ongoing; the CVSS 3.1 score may eventually go up.)

Affected Systems

The following servers/systems are affected by this vulnerability:

  • Microsoft Exchange Server 2019 Cumulative Update 11
  • Microsoft Exchange Server 2016 Cumulative Update 22
  • Microsoft Exchange Server 2019 Cumulative Update 10
  • Microsoft Exchange Server 2016 Cumulative Update 21
  • Microsoft Exchange Server 2013 Cumulative Update 23

IoCs

-

Recommended Solution(s)

Organizations using the following products are advised to download the patches listed in the table below.

Product                                               Article   Patch
Microsoft Exchange Server 2019 Cumulative Update 11   5012698   Security Update
Microsoft Exchange Server 2016 Cumulative Update 22   5012698   Security Update
Microsoft Exchange Server 2019 Cumulative Update 10   5012698   Security Update
Microsoft Exchange Server 2016 Cumulative Update 21   5012698   Security Update
Microsoft Exchange Server 2013 Cumulative Update 23   5010324   Security Update

CVE / CWE

CVE-2022-23277

Related Website(s)

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are rated “high”, whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are rated “critical”.