all InfoSec news
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
Zero Day Initiative - Blog www.zerodayinitiative.com
By now you have likely already heard about the in-the-wild exploitation of Exchange Server, chaining CVE-2022-41040 and CVE-2022-41082. It was originally submitted to the ZDI program by the researcher known as “DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q from GTSC”. After successful validation, it was immediately submitted to Microsoft. They patched both bugs along with several other Exchange vulnerabilities in the November Patch Tuesday release.
It is a beautiful chain, with an ingenious vector for gaining remote code execution. The tricky part is that it can …
backend blog post code code execution control exchange powershell pwned remote code execution