Hackers are already attacking this Microsoft SharePoint vulnerability, so patch now


The US Cybersecurity and Infrastructure Security Agency (CISA) has taken note of a new threat by adding a Microsoft SharePoint Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, indicating that cybercriminals have begun exploiting the flaw in real-world attacks.

This vulnerability, identified as CVE-2023-24955, is deemed critical, with a severity score of 7.2, and is classified as a remote code execution (RCE) vulnerability. It enables an authenticated threat actor, possessing Site Owner privileges, to execute arbitrary code on susceptible endpoints, posing a significant risk for various malicious activities such as malware deployment and data exfiltration.

Microsoft addressed this vulnerability with the May 2023 Patch Tuesday cumulative update. Users who skipped this update are urged to reconsider, while those with automatic updates enabled are likely already protected against exploitation.


In a network-based attack scenario, an authenticated attacker with Site Owner privileges can remotely execute code on the SharePoint Server, as outlined in Microsoft’s advisory.

Two months earlier, CISA also added another flaw, CVE-2023-29357, to the KEV catalog. This vulnerability was previously demonstrated alongside the newly added RCE flaw at the Pwn2Own Vancouver hacking contest, showcasing the potential for devastating effects when exploited together. Although threat actors may be currently leveraging these vulnerabilities independently, there is no evidence to suggest they have been chained together in attacks thus far.

Federal Civilian Executive Branch (FCEB) agencies have until April 16th of this year to apply the patch, emphasizing the urgency of addressing this security risk promptly.

Microsoft SharePoint, a web-based collaborative platform offered within the Microsoft 365 suite, serves as a document management and sharing system. Widely adopted by organizations worldwide, SharePoint boasts over 200 million active monthly users, with 80% of Fortune 500 companies utilizing the platform, according to Microsoft’s 2020 statistics.