Top 5 Zero-day Vulnerabilities of October

1. CVE-2022-42827

Severity – High

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

More details: Strobes VI – CVE-2022-42827

Zeroday references:

  1. https://www.zero-day.cz/database/726

Patch references:

  1. https://www.cybersecurity-help.cz/vdb/SB2022102435
  2. https://support.apple.com/en-us/HT213490
  3. https://support.apple.com/en-us/HT213489

2. CVE-2022-42458

Severity – Low

More details: Strobes VI – CVE-2022-42458

Zeroday references:

  1. https://www.zero-day.cz/database/724

Patch references:

  1. https://www.cybersecurity-help.cz/vdb/SB2022101101

3. CVE-2022-41082

Severity – High

Microsoft Exchange Server Remote Code Execution Vulnerability.

More details: Strobes VI – CVE-2022-41082

Exploit references:

  1. https://github.com/revers0id/CVE-2022-41082-PoC
  2. https://github.com/jml4da/CVE-2022-41082-POC
  3. https://github.com/spher0X/CVE-2022-41082-RCE
  4. https://github.com/Diverto/nse-exchange
  5. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_webshell_chopper.yml
  6. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file_event/file_event_win_exchange_webshell_drop.yml
  7. https://github.com/krc0m/CVE-2022-41082
  8. https://github.com/0xR0o7/CVE-2022-41082-MASS-RCE
  9. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file_event/file_event_win_exchange_webshell_drop_suspicious.yml
  10. https://github.com/kev-beaumont/CVE-2022-41082-RCE-POC
  11. https://github.com/V1rpo/CVE-2022-41082-MASS-RCE
  12. https://github.com/kevibeaumont/CVE-2022-41082-RCE-POC
  13. https://github.com/b3wT/CVE-2022-41082-MASS-SCANNER
  14. https://github.com/t0mby/CVE-2022-41082-RCE
  15. https://github.com/t0mby/CVE-2022-41082-MASS-RCE
  16. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file/file_event/file_event_win_exchange_webshell_drop_suspicious.yml
  17. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file/file_event/file_event_win_exchange_webshell_drop.yml
  18. https://github.com/backcr4t/CVE-2022-41082-RCE
  19. https://github.com/trhacknon/CVE-2022-41082-MASS-SCANNER
Zeroday references:

  1. https://www.zero-day.cz/database/722
  2. https://portswigger.net/daily-swig/microsoft-confirms-zero-day-exploits-against-exchange-server-in-limited-attacks

Patch references:

  1. https://www.cybersecurity-help.cz/vdb/SB2022093001
  2. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41082

4. CVE-2022-41040

Severity – High

Microsoft Exchange Server Elevation of Privilege Vulnerability.

More details: Strobes VI – CVE-2022-41040

Exploit references:

  1. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_webshell_chopper.yml
  2. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file_event/file_event_win_exchange_webshell_drop.yml
  3. https://github.com/numanturle/CVE-2022-41040
  4. https://github.com/CentarisCyber/CVE-2022-41040_Mitigation
  5. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file_event/file_event_win_exchange_webshell_drop_suspicious.yml
  6. https://github.com/r3dcl1ff/CVE-2022-41040
  7. https://github.com/d3duct1v/CVE-2022-41040
  8. https://github.com/kev-beaumont/CVE-2022-41040-RCE-POC
  9. https://github.com/kevibeaumont/CVE-2022-41040-RCE-POC
  10. https://github.com/gitzero0/ProxyNotShell
  11. https://github.com/kljunowsky/CVE-2022-41040-POC
  12. https://github.com/rjsudlow/proxynotshell-IOC-Checker
  13. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file/file_event/file_event_win_exchange_webshell_drop_suspicious.yml
  14. https://github.com/SigmaHQ/sigma/blob/master/rules/windows/file/file_event/file_event_win_exchange_webshell_drop.yml
  15. https://github.com/ITPATJIDR/CVE-2022-41040
  16. https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell
  17. https://github.com/trhacknon/CVE-2022-41040-metasploit-ProxyNotShell

Zeroday references:

  1. https://www.zero-day.cz/database/723
  2. https://portswigger.net/daily-swig/microsoft-confirms-zero-day-exploits-against-exchange-server-in-limited-attacks

Patch references:

  1. https://www.cybersecurity-help.cz/vdb/SB2022093001
  2. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41040

5. CVE-2022-41033

Severity – High

Windows COM+ Event System Service Elevation of Privilege Vulnerability.

More details: Strobes VI – CVE-2022-41033

Zeroday references:

  1. https://www.zero-day.cz/database/725

Patch references:

  1. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34715

Zero-Day Attack Prevention:

Because these exploits are unpredictable, zero-day protection is necessary. Here are some suggestions on how to safeguard your software and vulnerable programs from zero-day attacks.

  • Update all programs and software as soon as security patches become available.
  • Use web application security software to protect the website; it allows attacks to be detected precisely.
  • Install an internet security suite. It often comprises default-deny protection, heuristic file analysis, smart anti-virus, and sandboxing techniques.
  • Operate on sites that are secured with Secure Sockets Layer (SSL).
  • Opt for multi-layer protection with web application firewalls.
  • Protect the content of individual transmissions with the help of Virtual LANs.

Stay ahead of threats using Strobes:

Strobes helps you correlate data between vulnerability scans and vulnerability intelligence, keeping you updated whenever there is a zero-day in the wild.
