Security News > 2023 > September > Exploit released for Microsoft SharePoint Server auth bypass flaw
Proof-of-concept exploit code has surfaced on GitHub for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation.
Janggggg successfully achieved RCE on a Microsoft SharePoint Server using this exploit chain during the March 2023 Pwn2Own contest in Vancouver, earning a $100,000 reward.
"The script outputs details of admin users with elevated privileges and can operate in both single and mass exploit modes," the exploit's developer says.
A YARA rule is also available to help network defenders analyze logs for signs of potential exploitation on their SharePoint servers using the CVE-2023-29357 PoC exploit.
Despite the existing exploit not granting immediate remote code execution capabilities, it is highly recommended to apply the security patches issued by Microsoft earlier this year as a preventive measure against potential attacks.
Exploit released for Ivanti Sentry bug abused as zero-day in attacks.
News URL
Related news
- Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining (source)
- Microsoft confirms Windows Server issue behind domain controller crashes (source)
- Microsoft releases emergency fix for Windows Server crashes (source)
- Microsoft confirms memory leak in March Windows Server security update (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Germany warns of 17K vulnerable Microsoft Exchange servers exposed online (source)
- CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability (source)
- CISA tags Microsoft SharePoint RCE bug as actively exploited (source)
- These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-14 | CVE-2023-29357 | Unspecified vulnerability in Microsoft Sharepoint Server 2019 Microsoft SharePoint Server Elevation of Privilege Vulnerability | 9.8 |