Security News > 2020 > July > PoC Released for Critical Vulnerability Exposing SharePoint Servers to Attacks
Tracked as CVE-2020-1147 and considered critical severity, the bug occurs when the software doesn't check the source markup of XML file input.
"The vulnerability is found in the DataSet and DataTable types which are.NET components used to manage data sets," the software giant revealed in an advisory published last week.
In addition to releasing patches for the vulnerability, Microsoft also published guidance related to it, explaining what the DataSet and DataTable types of legacy.
NET components represent and what restrictions are applied when loading them from XML. The company also explains that, by default, only specific types of objects may be present in the deserialized data, and that an exception is thrown when the incoming XML data contains object types not on the list, resulting in the deserialization operation failing.
In a blog post this week, security specialist Steven Seeley detailed the manner in which the vulnerability can be triggered and also published a proof-of-concept exploit aimed at SharePoint servers, encouraging users to install the available patches as soon as possible.
News URL
Related news
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Over 660,000 Rsync servers exposed to code execution attacks (source)
- SAP fixes critical vulnerabilities in NetWeaver application servers (source)
- Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-1147 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'. | 7.8 |