SharePoint Security Flaw Exploited for Code Smuggling

SharePoint Security Flaw Exploited for Code Smuggling
October 24, 2024

A vulnerability in Microsoft's SharePoint server is being actively exploited by attackers to carry out code smuggling attacks, according to a warning from the US Cybersecurity and Infrastructure Security Agency (CISA). This vulnerability was uploaded to CISA's Catalog of Known Exploited Vulnerabilities and is officially known as CVE-2024-38094. CISA stresses the urgency for IT managers to install available patches to protect their systems against possible breaches, although it declines to provide precise information on attack methods or the scale of these attacks .

Microsoft says the vulnerability is caused by "deserialization of untrusted data," which an attacker with site owner permissions and authenticated access could exploit. By leveraging this vulnerability, attackers can significantly take control of the system by injecting and executing arbitrary code on the SharePoint server. With a CVSS score of 7.2, Microsoft has rated the vulnerability as high risk due to its nature and possible impact, highlighting the possibility of exploitation if not patched.

Microsoft SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016 are among the SharePoint versions that are vulnerable. The particular build numbers affected are listed in Microsoft's advisory CVE’s records: SharePoint Enterprise Server 2016 version 16.0.0 to 16.0.5456.1000, SharePoint Server 2019 version 16.0.0 to 16.0.10412.20001, and Subscription Edition version 16.0.0 to 16.0.17328.20424 . in danger. The vulnerability has been fixed in the most recent versions of these products, which were made available as part of Microsoft's July 2024 Patch Tuesday.

In addition to fixing this SharePoint vulnerability, the July 2024 updates also fix other serious security vulnerabilities, such as a previously exploited Hyper-V vulnerability that affects both Windows 11 and Server 2022. Microsoft and CISA advise businesses to prioritize these fixes. in order to reduce the risks of cyberattacks, particularly given the likelihood that the SharePoint vulnerability will be exploited.

Ready to make an impact in cybersecurity? Our Cybersecurity Bootcamp will equip you with the tools to defend against real-world cyber threats. Learn from industry veterans and gain the experience needed to start a rewarding career in one of tech’s fastest-growing fields.

Code Labs Academy © 2024 All rights reserved.