Security News > 2020 > July > PoC Released for Critical Vulnerability Exposing SharePoint Servers to Attacks
Tracked as CVE-2020-1147 and considered critical severity, the bug occurs when the software doesn't check the source markup of XML file input.
"The vulnerability is found in the DataSet and DataTable types which are.NET components used to manage data sets," the software giant revealed in an advisory published last week.
In addition to releasing patches for the vulnerability, Microsoft also published guidance related to it, explaining what the DataSet and DataTable types of legacy.
NET components represent and what restrictions are applied when loading them from XML. The company also explains that, by default, only specific types of objects may be present in the deserialized data, and that an exception is thrown when the incoming XML data contains object types not on the list, resulting in the deserialization operation failing.
In a blog post this week, security specialist Steven Seeley detailed the manner in which the vulnerability can be triggered and also published a proof-of-concept exploit aimed at SharePoint servers, encouraging users to install the available patches as soon as possible.
News URL
Related news
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- New OpenSSH flaws expose SSH servers to MiTM and DoS attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-1147 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'. | 7.8 |