What is CVE-2022-41080?

CVE-2022-41080 is a privilege escalation vulnerability in Microsoft Exchange Server.

How does CVE-2022-41080 affect Microsoft Exchange Server?

CVE-2022-41080 allows an attacker to escalate privileges on a Microsoft Exchange Server.

What is the severity level of CVE-2022-41080?

The severity level of CVE-2022-41080 is not specified in the vulnerability report.

How can I protect my Microsoft Exchange Server from CVE-2022-41080?

To protect your Microsoft Exchange Server from CVE-2022-41080, apply the necessary security patches provided by Microsoft.

Vulnerability/
CVE-2022-41080

Exploited

critical

9.8

8/11/2022

9/11/2022

18/1/2024

CVE-2022-41080: Microsoft Exchange Server Privilege Escalation Vulnerability

First published: Tue Nov 08 2022(Updated: )

Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Exchange Server	=2013-cumulative_update_23
Microsoft Exchange Server	=2016-cumulative_update_22
Microsoft Exchange Server	=2016-cumulative_update_23
Microsoft Exchange Server	=2019-cumulative_update_11
Microsoft Exchange Server	=2019-cumulative_update_12
Microsoft Exchange Server
	=23	fix available externally
	=22	fix available externally
	=11	fix available externally
	=23	fix available externally
	=12	fix available externally

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-41080?
CVE-2022-41080 is a privilege escalation vulnerability in Microsoft Exchange Server.
How does CVE-2022-41080 affect Microsoft Exchange Server?
CVE-2022-41080 allows an attacker to escalate privileges on a Microsoft Exchange Server.
Is CVE-2022-41080 chained with another vulnerability?
Yes, CVE-2022-41080 is chainable with CVE-2022-41082, which allows for remote code execution.
What is the severity level of CVE-2022-41080?
The severity level of CVE-2022-41080 is not specified in the vulnerability report.
How can I protect my Microsoft Exchange Server from CVE-2022-41080?
To protect your Microsoft Exchange Server from CVE-2022-41080, apply the necessary security patches provided by Microsoft.

agent/first-publish-date
agent/type
agent/references
agent/title
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/msrc-cve
source/Microsoft
agent/software-canonical-lookup
agent/softwarecombine
agent/event
agent/tags
exploited/true
ransomware/true
collector/cisa-known-exploited
source/CISA
agent/software-canonical-lookup-request
collector/nvd-index
vendor/microsoft
canonical/microsoft exchange server 2019
version/microsoft exchange server 2019/12
version/microsoft exchange server 2019/11
canonical/microsoft exchange server 2016
version/microsoft exchange server 2016/23
canonical/microsoft exchange server 2013
version/microsoft exchange server 2013/23
version/microsoft exchange server 2016/22
canonical/microsoft exchange server
version/microsoft exchange server/2013-cumulative_update_23
version/microsoft exchange server/2016-cumulative_update_22
version/microsoft exchange server/2016-cumulative_update_23
version/microsoft exchange server/2019-cumulative_update_11
version/microsoft exchange server/2019-cumulative_update_12

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.