How to fix CVE-2022-41082?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Restrict deserialization to trusted data sources and implement integrity checks.

CVE-2022-41082

HIGH

2022-10-03 [email protected]

8.0

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 26, 2026 - 11:19 vuln.today

Added to CISA KEV

Oct 30, 2025 - 19:39 cisa

CISA KEV

PoC Detected

Oct 30, 2025 - 19:39 vuln.today

Public exploit code

Patch Released

Oct 30, 2025 - 19:39 nvd

Patch available

CVE Published

Oct 03, 2022 - 01:15 nvd

HIGH 8.0

Description

Microsoft Exchange Server Remote Code Execution Vulnerability

Analysis

Microsoft Exchange Server allows authenticated remote code execution through PowerShell deserialization, the second component of 'ProxyNotShell' enabling SYSTEM-level command execution when chained with CVE-2022-41040.

Technical Context

The CWE-502 deserialization flaw in Exchange's PowerShell Remoting processes crafted serialized objects that execute arbitrary commands. When accessed through the ProxyNotShell SSRF, unauthenticated-equivalent RCE is achieved (only mailbox credentials needed).

Affected Products

['Microsoft Exchange Server 2013/2016/2019']

Remediation

Apply Microsoft security updates urgently. Monitor for unusual PowerShell execution on Exchange servers. Consider migrating to Exchange Online to eliminate on-premises Exchange attack surface.

Priority Score

212

Low Medium High Critical

KEV: +50

EPSS: +91.7

CVSS: +40

POC: +20

CVE-2022-41082 vulnerability details – vuln.today

Back

CVE-2022-41082

CVSS Vector

Lifecycle Timeline

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code