CVE-2022-41082

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 14 articles

VulnLookup ↗ NVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

91.51%

probability

This CVE has a 91.51% probability of being exploited in the next 30 days.

0% Top 99.7th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Description

Project Zero

Remote code execution

Attack Intelligence

CWE-502 · Deserialization of Untrusted Data CWE-664 · Improper Control of a Resource Through its Lifetime CWE-913 · Improper Control of Dynamically-Managed Code Resources

Google Project Zero

Patched

Nov. 8, 2022

Reported by

Piotr Bazydlo (@chudypb) and DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q from GTSC working with Trend Micro Zero Day Initiative

Root Cause Analysis

???

Exploits & PoC

balki97/OWASSRF-CVE-2022-41082-POC

PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers

soltanali0/CVE-2022-41082

CVE-2022-41082-poc

bigherocenter/CVE-2022-41082-POC

PoC CVE-2022-41082 — bigherocenter/CVE-2022-41082-POC

3 repos — triés par ⭐ Rechercher sur GitHub ↗

Microsoft confirms new Exchange zero-days are used in attacks

BleepingComputer Sep 30, 2022

Microsoft fixes ProxyNotShell Exchange zero-days exploited in attacks

BleepingComputer Nov 08, 2022

October 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities With 13 Critical, Plus 12 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 29 Vulnerabilities With 17 Critical.

Qualys Oct 11, 2022

November 2022 Patch Tuesday | Microsoft Releases 65 New Vulnerabilities With 10 Critical; Adobe Releases Zero Advisories (for the First Time in Six Years).

Qualys Nov 08, 2022

Defense Lessons From the Black Basta Ransomware Playbook

Qualys Feb 25, 2025

Security Advisory 2022-079

CERT-EU Nov 09, 2022

Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild

TheHackerNews

Microsoft Exchange servers hacked to deploy LockBit ransomware

BleepingComputer Oct 11, 2022

Fake Microsoft Exchange ProxyNotShell exploits for sale on GitHub

BleepingComputer Oct 03, 2022

Qualys Research Team: Threat Thursdays, October 2022

Qualys Oct 28, 2022

Qualys Response to ProxyNotShell Microsoft Exchange Server Zero-Day Threat Using Qualys Cloud Platform

Qualys Sep 30, 2022

State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations

TheHackerNews

Microsoft updates mitigation for ProxyNotShell Exchange zero days

BleepingComputer Oct 05, 2022

Microsoft Exchange server zero-day mitigation can be bypassed

BleepingComputer Oct 03, 2022

Signal Intelligence

Confidenceⓘ

85%

EPSS 91.51%

Mentions 14

Last Seen Feb 25, 2025

CNA Information

Analyst Note

This CVE is confirmed as an exploited zero-day affecting Microsoft Exchange Server with a high CVSS score of 8.0 and inclusion in Google Project Zero, demonstrating active weaponization in the wild. The CERT-EU security advisory corroborates the vulnerability's severity and real-world exploitation, though limited article coverage prevents a higher confidence score.