Security News > 2024 > January > Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
![Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability](/static/build/img/news/act-now-cisa-flags-active-exploitation-of-microsoft-sharepoint-vulnerability-medium.jpg)
2024-01-12 06:35
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The issue, tracked as CVE-2023-29357 (CVSS score: 9.8), is a privilege escalation flaw that could be exploited by an attacker to gain
News URL
https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html
Related news
- Check Point warns customers to patch VPN vulnerability under active exploitation (source)
- Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers (source)
- Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability (source)
- ZDI shames Microsoft for – yet another – coordinated vulnerability disclosure snafu (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-14 | CVE-2023-29357 | Unspecified vulnerability in Microsoft Sharepoint Server 2019 Microsoft SharePoint Server Elevation of Privilege Vulnerability | 9.8 |