Microsoft Exchange Server Privilege Escalation Vulnerability

Added Jan. 10, 2023 • Due Jan. 31, 2023 • CVE-2022-41080

Overdue Microsoft / Exchange Server Known Ransomware Use

Description

Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.

Required Action

Apply updates per vendor instructions.

References

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41080
https://nvd.nist.gov/vuln/detail/CVE-2022-41080

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 9 months, 4 weeks ago