CVE-2022-41082

Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution. Vendor/Product: Microsoft Exchange Server. Added to CISA KEV 2022-09-30; required action: Apply updates per vendor instructions.