Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Microsoft SharePoint has a worrying security flaw, experts warn

A digital representation of a lock.

The US Cybersecurity and Infrastructure Agency (CISA) is warning admins that a Microsoft SharePoint Server flaw is now being actively exploited in the wild.

In a new addition to its Known Exploited Vulnerabilities (KEV) catalog, CISA says CVE-2023-29357 is being used to gain elevated privileges. 

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," it noted.

Remote access tools under assault

Microsoft described the vulnerability as a privilege escalation flaw and patched it with the June 2023 Patch Tuesday cumulative update.

"An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user," Microsoft said. "The attacker needs no privileges nor does the user need to perform any action."

As per TheHackerNews, security researcher Nguyễn Tiến Giang (Jang) of StarLabs SG showed the vulnerability in action at the Pwn2Own Vancouver hacking contest and earned $100,000 in prize money. He chained the flaw with CVE-2023-24955 (patched in May this year), and gained remote code execution capabilities on an infected endpoint.

The latter had a severity score of 7.2.

"The process of discovering and crafting the exploit chain consumed nearly a year of meticulous effort and research to complete the full exploit chain," the researcher said in a report published in September last year.

CISA did not share more details in its alert, so we don’t know who the threat actors are, or who they’re targeting, other than the fact that the victims could be Federal organizations. “CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice,” the organization concluded. 

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.