This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Microsoft SharePoint. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the GenerateProxyAssembly method. The issue results from the lack of proper validation of a user-supplied string before using it to execute C# code. An attacker can leverage this vulnerability to execute code in the context of SharePoint farm service account.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft sharepoint enterprise server 2016 |
||
microsoft sharepoint server 2019 |
||
microsoft sharepoint server - |
CISA tags Microsoft SharePoint RCE bug as actively exploited By Sergiu Gatlan March 27, 2024 12:24 PM 0 CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks. Tracked as CVE-2023-24955, this SharePoint Server vulnerability enables authenticated attackers with Site Owner privileges to execute code remotely on vulnerable servers. The second flaw (...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Itβs taken months for crims to hack together a working exploit chain
Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerability that was this week added to the US's must-patch list. Without specifically identifying the gang, researcher Kevin Beaumont said that at least one ransomware group has a working exploit for the critical vulnerability, which can potentially achieve remote code execution (RCE) although the US Cybersecurity and Infrastructure Security Agency (CISA...