New Microsoft Exchange Exploit Chain via "OWASSRF" Leads to RCE - Arctic Wolf
Tags
attack-pattern: Model Control Panel - T1218.002 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Web Services - T1583.006 Web Services - T1584.006 Vulnerabilities - T1588.006 Connection Proxy - T1090 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID dd9643c6-33d5-4ccb-b592-9e005568fac5
Fingerprint b7d93a57ea90b8c3
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 21, 2022, 11:01 p.m.
Added to db Dec. 22, 2022, 10:52 a.m.
Last updated Nov. 13, 2024, 7:20 p.m.
Headline New Microsoft Exchange Exploit Chain via “OWASSRF” Leads to RCE
Title New Microsoft Exchange Exploit Chain via "OWASSRF" Leads to RCE - Arctic Wolf
Detected Hints/Tags/Attributes 23/1/4
Source URLs
Redirection Url
Details Source https://arcticwolf.com/resources/blog/new-microsoft-exchange-exploit-chain-via-owassrf-leads-to-rce/
URL Provider
Details Provider Source level domain
Details arcticwolf.com arcticwolf.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 16 Arctic Wolf https://arcticwolf.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 50 
cve-2022-41080
Details CVE 127 
cve-2022-41082
Details Microsoft Patch Numbers 6 
KB5019758
Details Url 1 
https://practical365.com/stop-publishing-exchange-to-the-internet-after-migrating-to-exchange-online