Organizations running Microsoft Exchange instances yet to be patched against CVE-2022-41040 and CVE-2022-41082 – together dubbed “ProxyNotShell” – remain potentially vulnerable.
Article Link: https://www.bitsight.com/blog/global-state-exposure-microsoft-exchange-proxynotshell-vulnerabilities