Security News > 2020 > July > PoC Released for Critical Vulnerability Exposing SharePoint Servers to Attacks
Tracked as CVE-2020-1147 and considered critical severity, the bug occurs when the software doesn't check the source markup of XML file input.
"The vulnerability is found in the DataSet and DataTable types which are.NET components used to manage data sets," the software giant revealed in an advisory published last week.
In addition to releasing patches for the vulnerability, Microsoft also published guidance related to it, explaining what the DataSet and DataTable types of legacy.
NET components represent and what restrictions are applied when loading them from XML. The company also explains that, by default, only specific types of objects may be present in the deserialized data, and that an exception is thrown when the incoming XML data contains object types not on the list, resulting in the deserialization operation failing.
In a blog post this week, security specialist Steven Seeley detailed the manner in which the vulnerability can be triggered and also published a proof-of-concept exploit aimed at SharePoint servers, encouraging users to install the available patches as soon as possible.
News URL
Related news
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical flaws fixed in Nagios Log Server (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-1147 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'. | 7.8 |