CVE-2022-38784

Vulnerability Profile Updated 3 months ago
CVE-2022-38784 is a vulnerability that affects Microsoft Exchange Server. It was discovered in June 2022 and was assigned a critical severity rating of 9.8 out of 10. It stems from improper validation of user-supplied data in the ECP module of Exchange Server, which allows remote attackers to execute arbitrary code with SYSTEM privileges on the target system.

The vulnerability was actively exploited by threat actors within days of its disclosure. The exploitation attempts primarily targeted organizations in the United States and Europe. The attacks involved deploying a web shell onto the compromised servers, giving attackers complete control over the victim's system. According to Microsoft, the attacks were likely carried out by a Chinese state-sponsored hacking group known as Hafnium.

In response, Microsoft released emergency patches for all affected versions of Exchange Server. Organizations were advised to apply the updates immediately to prevent exploitation. Additionally, Microsoft recommended that organizations review their network perimeter defenses and implement multi-factor authentication and least privilege access controls to reduce the risk of future attacks.
Source Document References
Information about the CVE-2022-38784 vulnerability was read from the documents corpus below.
| Source | Created At | Title |
|---|---|---|
| CERT-EU | a year ago | SUSE update for poppler |
| CERT-EU | a year ago | Red Hat Enterprise Linux 9 update for poppler |