Microsoft SharePoint Vuln Is Under Active Exploit

  /     /     /  
Publicated : 23/11/2024   Category : security


Microsoft SharePoint Vuln Is Under Active Exploit


The risk of exploitation is heightened, thanks to a proof-of-concept thats been made publicly available.



A high-severity flaw in
Microsoft SharePoint,
tracked as CVE-2024-38094, is under active exploit.
The bug is a deserialization vulnerability, which is often used as attack vectors by malicious cyber actors and poses a serious threat to federal enterprises. If successfully exploited, it could give threat actors remote code execution capabilities. The vulnerability has earned a CVSS score of 7.2 out of 10.
An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server,
Microsoft reported in an alert

Patches for the flaw were released in July as part of a series of Patch Tuesday updates, and it has since been added to the US Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog.
The risk of potential continued exploitation of the vulnerability is further heightened due to the fact that a proof-of-concept is now
available on GitHub
 for public viewing.
No additional details about how the vulnerability is being actively exploited have been shared, but due to these developments, Federal Civilian Executive Branch (FCEB) agencies are required to apply the latest fixes by Nov. 12.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Microsoft SharePoint Vuln Is Under Active Exploit