CVE-2022-0543

Vulnerability updated 5 months ago (2024-05-04T19:14:50.761Z)
CVE-2022-0543 is a critical software vulnerability that was first identified in 2022. The flaw, a Lua sandbox escape, affects Redis instances and received a severity rating of 10.0 on the Common Vulnerability Scoring System (CVSS), indicating its high risk level. It has been exploited by P2PInfect, a self-replicating worm written in the Rust programming language.
P2PInfect was first detected and documented in July 2023 by Palo Alto Networks Unit 42. It primarily targets unpatched Redis servers and exploits CVE-2022-0543 for initial access. The worm's self-replication capability combined with this vulnerability allows it to spread rapidly, loading a malicious Redis module through an unauthorized replication attack. Since its initial detection, and despite efforts to mitigate its impact, P2PInfect has continued to pose a significant threat to Redis servers worldwide by exploiting the Lua sandbox escape in unpatched instances. Immediate patching and strengthening of security measures are therefore recommended to prevent further exploitation of this vulnerability.
Description last updated: 2024-05-04T16:54:24.130Z
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Redis
Malware
Associated Malware
Alias Description | Association Type | Votes
The P2pinfect Malware is associated with CVE-2022-0543. P2Pinfect is a form of malware, malicious software designed to infiltrate and damage computer systems or devices without the user's knowledge. It can enter your system through suspicious downloads, emails, or websites and once inside, it has the ability to steal personal information, disrupt operati | Unspecified | 2
The Redigo Malware is associated with CVE-2022-0543. Redigo is a type of malware that exploits vulnerabilities in Redis servers, specifically the CVE-2022-0543 vulnerability. This harmful software can infiltrate systems through suspicious downloads, emails, or websites and once inside, it has the potential to steal personal information, disrupt operat | Unspecified | 2
Source Document References
Information about the CVE-2022-0543 vulnerability was read from the documents corpus below. This display is limited to 20 results.
Source | CreatedAt
Securityaffairs | 4 months ago
CERT-EU | 10 months ago
CERT-EU | 10 months ago
CERT-EU | 10 months ago
Securityaffairs | 10 months ago
CERT-EU | 10 months ago
CERT-EU | 10 months ago
CERT-EU | a year ago
CERT-EU | a year ago
Securityaffairs | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
DARKReading | a year ago
Unit42 | a year ago