CISA Alerts Microsoft SharePoint Vulnerability Actively Exploited, Take Action Now

January 12, 2024

TLDR:

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a critical security vulnerability in Microsoft SharePoint Server.
  • An attacker could exploit the vulnerability to gain administrator privileges and execute a network attack.
  • Microsoft released patches for the bug in June 2023, but federal agencies are advised to apply the patches by January 31, 2024.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a critical security vulnerability in Microsoft SharePoint Server. The vulnerability, tracked as CVE-2023-29357, is a privilege escalation flaw that could allow an attacker to gain administrator privileges. Microsoft addressed the vulnerability in its June 2023 Patch Tuesday updates.

An attacker who gains access to spoofed JWT authentication tokens can use them to execute a network attack that bypasses authentication and allows them to gain access to the privileges of an authenticated user, according to Microsoft. The company has urged users to apply the patches by January 31, 2024, to protect against the active threat.

The vulnerability was demonstrated by security researcher Nguyễn Tiến Giang (Jang) of StarLabs SG at the Pwn2Own Vancouver hacking contest in 2023. The exploit chain combines authentication bypass (CVE-2023-29357) with a code injection bug (CVE-2023-24955) that was patched by Microsoft in May 2023. Tiến Giang said it took nearly a year of effort and research to develop the full exploit chain.

Details about the identity of the threat actors exploiting the vulnerability and the real-world exploitation techniques are currently unknown. However, federal agencies are urged to apply the patches promptly to mitigate the risk.
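As an added, defender-side example that is not part of the article: a small Python triage helper that reads a feed shaped like CISA's Known Exploited Vulnerabilities (KEV) JSON, picks out the entries for a given vendor and product, and reports how long remains before the remediation due date. The feed content below is constructed (only CVE-2023-29357 and its January 31, 2024 due date come from the article), the KEV field names are an assumption about the published feed format, and the second entry is a placeholder.

```python
import json
from datetime import date

# Constructed sample shaped like CISA's Known Exploited Vulnerabilities (KEV) feed.
# CVE-2023-29357 and its January 31, 2024 due date come from the article; the
# dateAdded value and the second entry are placeholders for illustration only.
SAMPLE_KEV_FEED = json.dumps({
    "vulnerabilities": [
        {
            "cveID": "CVE-2023-29357",
            "vendorProject": "Microsoft",
            "product": "SharePoint Server",
            "vulnerabilityName": "Microsoft SharePoint Server Privilege Escalation Vulnerability",
            "dateAdded": "2024-01-10",
            "requiredAction": "Apply mitigations per vendor instructions.",
            "dueDate": "2024-01-31",
        },
        {
            "cveID": "CVE-0000-00000",
            "vendorProject": "ExampleVendor",
            "product": "ExampleProduct",
            "vulnerabilityName": "Placeholder entry for an unrelated product",
            "dateAdded": "2023-12-01",
            "requiredAction": "Apply updates per vendor instructions.",
            "dueDate": "2023-12-22",
        },
    ]
})

def kev_entries_for(feed_json, vendor, product):
    """KEV entries whose vendor and product contain the given substrings (case-insensitive)."""
    feed = json.loads(feed_json)
    return [
        e for e in feed["vulnerabilities"]
        if vendor.lower() in e["vendorProject"].lower()
        and product.lower() in e["product"].lower()
    ]

def days_until_due(entry, today_iso):
    """Days from today_iso (YYYY-MM-DD) until the KEV due date; negative means overdue."""
    return (date.fromisoformat(entry["dueDate"]) - date.fromisoformat(today_iso)).days

def triage(feed_json, vendor, product, today_iso):
    """Map each matching CVE id to 'overdue' or 'due in N days' as of today_iso."""
    status = {}
    for entry in kev_entries_for(feed_json, vendor, product):
        remaining = days_until_due(entry, today_iso)
        status[entry["cveID"]] = "overdue" if remaining < 0 else f"due in {remaining} days"
    return status
```

Pointing the same functions at the real KEV feed downloaded from CISA gives a per-product patch deadline report for the whole catalog, not just this SharePoint entry.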
