CISA Adds 9.8 Critical Microsoft SharePoint Bug to its KEV Catalog

Published: 23/11/2024   Category: security




It's a tale as old as time: an old, long-since patched vulnerability that remains actively exploited.



On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added a privilege escalation vulnerability affecting Microsoft SharePoint servers to its list of Known Exploited Vulnerabilities (KEV).

SharePoint is a popular, cloud-based document management and storage system, which companies also use to implement internal applications and business processes and to share resources via an intranet. As recently as 2020, it enjoyed more than 200 million active monthly users.

The latest addition to KEV, CVE-2023-29357, is a critical 9.8 out of 10 vulnerability on the CVSS scale, affecting SharePoint Server 2016 and 2019. With no user interaction required, it allows an attacker to bypass authentication checks and gain administrative access to a server using spoofed JSON Web Token (JWT) authentication tokens.

Researchers first demonstrated the utility of CVE-2023-29357 at March 2023's Pwn2Own event, combining it with a second SharePoint vulnerability to create a successful exploit chain, and winning $100,000 in the process. Another independent researcher developed a proof-of-concept (PoC) exploit in September.

Microsoft issued a patch back in June. However, it's still being actively exploited, according to CISA's new alert. In a Mastodon post on Thursday, security researcher Kevin Beaumont provided a bit of extra context, writing that "I am aware of one ransomware group that finally has a working exploit for this."

For organizations still in the firing line, the June patch can be found here.
