Security
Headlines
HeadlinesLatestCVEs

Headline

The severity of the Remote Code Execution – Microsoft SharePoint (CVE-2024-38094) vulnerability has increased

The severity of the Remote Code Execution – Microsoft SharePoint (CVE-2024-38094) vulnerability has increased. It was fixed as part of the July Microsoft Patch Tuesday (July 9). SharePoint is a popular platform for corporate portals. According to the Microsoft bulletin, аn authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code […]

Alexander V. Leonov
#vulnerability#microsoft#git#rce#auth#blog

The severity of the Remote Code Execution – Microsoft SharePoint (CVE-2024-38094) vulnerability has increased. It was fixed as part of the July Microsoft Patch Tuesday (July 9).

SharePoint is a popular platform for corporate portals. According to the Microsoft bulletin, аn authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.

On July 10, a repository with a PoC exploit for this vulnerability appeared on GitHub, as well as a video demonstrating how an attacker can launch processes on the attacked SharePoint server. A GitHub search by CVE number does not find a repository with the exploit, but a link is available in the The Hacker News article. Exploit also relates to the July SharePoint RCEs CVE-2024-38023 and CVE-2024-38024.

On October 22, the vulnerability was added to the CISA KEV, which means it was exploited in the wild.

На русском

Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.

А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.

Related news

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27)

Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your head spin. But don't worry, we're here to break it all down in plain English and arm you with the

Microsoft SharePoint Vuln Is Under Active Exploit

The risk of exploitation is heightened, thanks to a proof-of-concept that's been made publicly available.

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result

Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities

This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.

Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities

This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.

Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities

This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.

Alexander V. Leonov: Latest News

December Microsoft Patch Tuesday