CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild.

The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site Owner privileges to execute arbitrary code.

“In a network-based attack, an authenticated attacker as a Site Owner could execute code remotely on the SharePoint Server,” Microsoft said in an advisory. The flaw was addressed by Microsoft as part of its Patch Tuesday updates for May 2023.

Read more…