Hackers are already attacking this Microsoft SharePoint vulnerability, so patch now
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new Microsoft Sharepoint Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling that hackers have begun exploiting it in the wild.
The vulnerability is tracked as CVE-2023-24955, and carries a severity score of 7.2. It is described as a critical remote code execution (RCE) flaw, that allows an authenticated threat actor, with Site Owner privileges, to execute arbitrary code on the vulnerable endpoints.
Such a vulnerability could be used for a number of things, from malware deployment, to information stealing.
FCEBs on a deadline
“In a network-based attack, an authenticated attacker as a Site Owner could execute code remotely on the SharePoint Server,” Microsoft said in an advisory.
The fix was released with the May 2023 Patch Tuesday cumulative update, so in case you skipped that one, you might want to reconsider. Those who have automatic updates enabled are most likely already protected, though.
Two months ago, CISA added a separate flaw, CVE-2023-29357, to KEV. This flaw was chained together with the newly-added RCE last year, at the Pwn2Own Vancouver hacking contest. StarLabs SG, who demonstrated how the two vulnerabilities could be combined for devastating effects, won $100,000 for their efforts.
While threat actors currently might be abusing these two, there is no evidence that anyone chained them together yet.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Federal Civilian Executive Branch (FCEB) agencies have until April 16 this year to apply the patch.
Microsoft SharePoint is a web-based collaborative platform, available through the Microsoft 365 productivity suite. It was first launched in 2001 as a document management and storage system. It was also used to share information via intranet. According to Microsoft’s 2020 figures, SharePoint had more than 200 million active monthly users, with Gitnux adding that 80% of Fortune 500 companies use the tool.
Via TheHackerNews
More from TechRadar Pro
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new Microsoft Sharepoint Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling that hackers have begun exploiting it in the wild. The vulnerability is tracked as CVE-2023-24955, and carries a severity score of 7.2. It is described as…
Recent Posts
- The FBI reportedly won’t investigate ICE anymore
- How to watch World Cup Final 2026: Free Streams, TV Channels & Kick-Off time for Spain vs Argentina
- Infrared tech is decades old – why does almost every TV remote use it?
- Orchid is a delightfully retro and approachable hipster synth
- Birdfy’s solar-powered smart feeder is down to one of its best prices
Archives
- July 2026
- June 2026
- May 2026
- April 2026
- March 2026
- February 2026
- January 2026
- December 2025
- November 2025
- October 2025
- September 2025
- August 2025
- July 2025
- June 2025
- May 2025
- April 2025
- March 2025
- February 2025
- January 2025
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023