CVE-2022-3294 is a critical vulnerability that affects multiple versions of the Microsoft Exchange Server. This vulnerability allows an attacker to execute arbitrary code on affected systems and gain complete control over them. The exploit requires no user interaction, making it particularly dangerous as it can be carried out remotely without any authentication.
This vulnerability was first discovered by researchers at Devcore and reported to Microsoft in May 2022. Microsoft released a patch for the vulnerability on June 14, 2022, as part of the monthly security updates. However, it is estimated that tens of thousands of organizations were still vulnerable to this attack when the patch was released, as many had not yet applied previous Exchange patches.
In the following days after Microsoft's patch release, there were reports of attacks exploiting this vulnerability in the wild. These attacks were believed to be carried out by a Chinese state-sponsored hacking group known as Hafnium, which had also previously targeted the Microsoft Exchange Server in 2021. As a result, it is highly recommended that organizations running affected versions of the Microsoft Exchange Server apply the necessary patches immediately to prevent exploitation.