Unrated severityCISA KEVNVD Advisory· Published Oct 3, 2022· Updated Oct 21, 2025
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-41082
Description
Microsoft Exchange Server Remote Code Execution Vulnerability
Affected products
6- Microsoft/Microsoft Exchange Server 2013 Cumulative Update 23v5Range: 15.00.0
- Microsoft/Microsoft Exchange Server 2016 Cumulative Update 22v5Range: 15.0.0
- Microsoft/Microsoft Exchange Server 2016 Cumulative Update 23v5Range: 15.01.0
- Microsoft/Microsoft Exchange Server 2019 Cumulative Update 11v5Range: 15.02.0
- Microsoft/Microsoft Exchange Server 2019 Cumulative Update 12v5Range: 15.02.0
Patches
Vulnerability mechanics
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082mitrevendor-advisory
News mentions
2- New SharkLoader Malware Deploys Cobalt Strike in StrikeShark CyberattacksThe Hacker News · Jun 26, 2026
- StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoaderSecurelist · Jun 24, 2026