Microsoft SharePoint Vuln Is Under Active Exploit

The risk of exploitation is heightened, thanks to a proof-of-concept thats been made publicly available.

A high-severity flaw in
Microsoft SharePoint,
tracked as CVE-2024-38094, is under active exploit.
The bug is a deserialization vulnerability, which is often used as attack vectors by malicious cyber actors and poses a serious threat to federal enterprises. If successfully exploited, it could give threat actors remote code execution capabilities. The vulnerability has earned a CVSS score of 7.2 out of 10.
An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server,
Microsoft reported in an alert
.
Patches for the flaw were released in July as part of a series of Patch Tuesday updates, and it has since been added to the US Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog.
The risk of potential continued exploitation of the vulnerability is further heightened due to the fact that a proof-of-concept is now
available on GitHub
for public viewing.
No additional details about how the vulnerability is being actively exploited have been shared, but due to these developments, Federal Civilian Executive Branch (FCEB) agencies are required to apply the latest fixes by Nov. 12.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Microsoft SharePoint Vuln Is Under Active Exploit