Ethical Hacking News
A serious vulnerability has been identified in Microsoft's SharePoint platform, allowing attackers to inject arbitrary code into vulnerable versions. The US Cybersecurity and Infrastructure Security Agency (CISA) has added the deserialization vulnerability, tracked as CVE-2024-38094, to its Known Exploited Vulnerabilities Catalog, noting that it's "unknown" whether this security flaw is being used in any ransomware campaigns.
The vulnerability was originally patched by Microsoft during its July Patch Tuesday extravaganza, but its addition to the KEV catalog means exploitation is no longer theoretical: CISA only lists bugs with evidence of active abuse. The severity of the bug is rated 7.2 out of 10 on the Common Vulnerability Scoring System (CVSS); the score sits below the "critical" band only because the attacker must already hold privileges on the target, not because the impact is limited.
An authenticated attacker with Site Owner permissions can exploit this deserialization flaw to inject arbitrary code and execute it in the context of SharePoint Server, meaning code runs with the rights of the SharePoint process rather than those of the site owner who supplied it. Any compromised or over-privileged owner account therefore becomes a path to the server itself, which makes the bug a serious concern for organizations that rely on the platform. The lack of information about who is abusing this flaw and for what nefarious purposes adds to the uncertainty surrounding the situation.
A proof-of-concept (PoC) exploit is publicly available, so an attacker no longer needs to reverse the July patch or write their own deserialization payload to abuse the bug. That lowers the bar considerably for less skilled actors looking to spread malware or mount targeted attacks against unpatched SharePoint farms.
As a result, CISA strongly urges all organizations to reduce their exposure by prioritizing timely remediation of CVEs listed in the catalog. The agency's recommendation is echoed by security researchers, who emphasize applying the July update as soon as possible to minimize the risk of exploitation.
The incident is a reminder that a patched bug is not a closed bug until the patch is actually deployed, and that organizations need to stay vigilant and proactive when it comes to identifying and addressing vulnerabilities in their systems. As CISA noted, "timely remediation is critical" to mitigating the impact of this vulnerability and preventing potential cyberattacks.
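Two things an administrator will want to know after reading this are whether the farm actually carries the July fix and who currently holds the Site Owner rights the exploit requires. The following PowerShell script, added here as an illustration and not taken from the article or from Microsoft, checks both from the SharePoint Management Shell. The minimum build number is deliberately left as a mandatory parameter: the article does not state the fixed build for each SharePoint version, so look it up in Microsoft's release notes for your product rather than guessing. The CSV file name is likewise an assumption.

```powershell
# Added example, not part of the original article.
# Audit a SharePoint Server farm for CVE-2024-38094 exposure:
#   1. compare the farm build against the post-July-2024 fixed build (supplied by you), and
#   2. list every account with Site Owner rights, the privilege the exploit requires.
# Run from the SharePoint Management Shell on a farm server as a farm administrator.
param(
    # Assumption: caller supplies the fixed build for their SharePoint version,
    # e.g. from the July 2024 update release notes. Not taken from the article.
    [Parameter(Mandatory = $true)]
    [version]$MinimumBuild,

    # Assumption: output path for the owner report.
    [string]$ReportPath = '.\sharepoint-site-owners.csv'
)

if (-not (Get-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue)) {
    Add-PSSnapin Microsoft.SharePoint.PowerShell
}

# 1. Patch level: Get-SPFarm exposes the farm build as a System.Version,
#    so a direct version comparison against the expected fixed build works.
$farm  = Get-SPFarm
$build = $farm.BuildVersion
if ($build -lt $MinimumBuild) {
    Write-Warning "Farm build $build is below $MinimumBuild; the July 2024 (or later) SharePoint update is missing."
} else {
    Write-Host "Farm build $build is at or above $MinimumBuild."
}

# 2. Exposure: an attacker needs Site Owner rights, i.e. Full Control on a site.
#    Site collection administrators and members of the default Owners group both have that,
#    so enumerate both across every site collection in the farm.
$report = foreach ($site in Get-SPSite -Limit All) {
    try {
        $web = $site.RootWeb

        foreach ($admin in $web.SiteAdministrators) {
            [pscustomobject]@{
                Site    = $site.Url
                Account = $admin.LoginName
                Via     = 'SiteCollectionAdministrator'
            }
        }

        $ownerGroup = $web.AssociatedOwnerGroup
        if ($ownerGroup) {
            foreach ($user in $ownerGroup.Users) {
                [pscustomobject]@{
                    Site    = $site.Url
                    Account = $user.LoginName
                    Via     = $ownerGroup.Name
                }
            }
        }
    } finally {
        # SPSite holds unmanaged resources; always dispose, even on error.
        $site.Dispose()
    }
}

$report | Sort-Object Site, Account -Unique | Format-Table -AutoSize
$report | Export-Csv -Path $ReportPath -NoTypeInformation
Write-Host "Wrote $($report.Count) owner entries to $ReportPath"
```

Review the CSV for accounts that no longer need Full Control, for service accounts added as owners by convenience, and for domain groups whose membership is broader than the site's owners expect; each such entry is an account whose compromise turns this bug into server-side code execution. Rerun the script after the update so the build check confirms the remediation actually landed on every farm.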
Related Information:
https://www.theregister.com/2024/10/23/microsoft_sharepoint_rce_exploited/
https://thehackernews.com/2024/03/cisa-warns-hackers-actively-attacking.html
Published: Wed Oct 23 14:56:07 2024 by llama3.2 3B Q4_K_M