Security News > 2023 > September > Exploit released for Microsoft SharePoint Server auth bypass flaw

Exploit released for Microsoft SharePoint Server auth bypass flaw
2023-09-29 18:06

Proof-of-concept exploit code has surfaced on GitHub for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation.

Janggggg successfully achieved RCE on a Microsoft SharePoint Server using this exploit chain during the March 2023 Pwn2Own contest in Vancouver, earning a $100,000 reward.

"The script outputs details of admin users with elevated privileges and can operate in both single and mass exploit modes," the exploit's developer says.

A YARA rule is also available to help network defenders analyze logs for signs of potential exploitation on their SharePoint servers using the CVE-2023-29357 PoC exploit.

Despite the existing exploit not granting immediate remote code execution capabilities, it is highly recommended to apply the security patches issued by Microsoft earlier this year as a preventive measure against potential attacks.

Exploit released for Ivanti Sentry bug abused as zero-day in attacks.


News URL

https://www.bleepingcomputer.com/news/security/exploit-released-for-microsoft-sharepoint-server-auth-bypass-flaw/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-29357 Unspecified vulnerability in Microsoft Sharepoint Server 2019
Microsoft SharePoint Server Elevation of Privilege Vulnerability
network
low complexity
microsoft
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 708 787 4589 4647 3639 13662