CVE-2022-0543

Vulnerability updated 8 days ago (2024-11-29T13:40:32.674Z)
Download STIX
Preview STIX
CVE-2022-0543 is a critical vulnerability in software design or implementation that was first identified in 2022. This flaw, known as a Lua sandbox escape vulnerability, affects Redis instances and has been exploited by P2PInfect, a self-replicating worm written in the Rust programming language. The issue received a severity rating of 10.0 on the Common Vulnerability Scoring System (CVSS), indicating its high risk level. The P2PInfect malware was first detected and documented in July 2023 by Palo Alto Networks Unit 42. Primarily targeting unpatched Redis servers, it exploits CVE-2022-0543 for initial access to the systems. The worm's self-replication capability combined with this vulnerability allows it to spread rapidly, loading a malicious Redis module through an unauthorized replication attack. Since its initial detection, P2PInfect has continued to pose significant threats to Redis servers worldwide. The malware was first disclosed back in July 2023, and despite efforts to mitigate its impact, it continues to exploit the Lua sandbox escape vulnerability (CVE-2022-0543) in unpatched Redis instances. As such, immediate patching and strengthening of security measures are recommended to prevent further exploitation of this vulnerability.
Description last updated: 2024-05-04T16:54:24.130Z
What's your take? (Question 1 of 3)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Redis
Malware
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The P2pinfect Malware is associated with CVE-2022-0543. P2Pinfect is a form of malware, malicious software designed to infiltrate and damage computer systems or devices without the user's knowledge. It can enter your system through suspicious downloads, emails, or websites and once inside, it has the ability to steal personal information, disrupt operatiUnspecified
2
The Redigo Malware is associated with CVE-2022-0543. Redigo is a type of malware that exploits vulnerabilities in Redis servers, specifically the CVE-2022-0543 vulnerability. This harmful software can infiltrate systems through suspicious downloads, emails, or websites and once inside, it has the potential to steal personal information, disrupt operatUnspecified
2
Source Document References
Information about the CVE-2022-0543 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Securityaffairs
5 months ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
DARKReading
a year ago
Unit42
a year ago