Rewterz Threat Advisory – Multiple Microsoft Azure Site Recovery Vulnerabilities
July 13, 2022Rewterz Threat Alert – Qakbot (Qbot) Malware – Active IOCs
July 13, 2022Rewterz Threat Advisory – Multiple Microsoft Azure Site Recovery Vulnerabilities
July 13, 2022Rewterz Threat Alert – Qakbot (Qbot) Malware – Active IOCs
July 13, 2022Severity
High
Analysis Summary
CVE-2022-33633
Microsoft Skype for Business and Lync could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2020-4150
Affected Vendors
Microsoft
Affected Products
- Microsoft Lync Server 2013 CU10
- Microsoft Skype for Business Server 2015 CU12
- Microsoft Skype for Business Server 2019 CU6
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.