January 12, 2024 at 02:03AM
The U.S. CISA added a critical security vulnerability in Microsoft SharePoint Server to its catalog, noting evidence of active exploitation and the availability of patches from Microsoft. Security researcher Nguyễn Tiến Giang demonstrated an exploit at a hacking contest, with federal agencies advised to apply the patches by January 31, 2024, to secure against the threat.
The meeting notes from January 12, 2024, highlighted a critical security vulnerability impacting Microsoft SharePoint Server, known as CVE-2023-29357 with a CVSS score of 9.8. This flaw could be exploited by attackers to gain administrator privileges. It was mentioned that Microsoft has released patches for this bug as part of its June 2023 updates.
Additionally, the notes discussed a security researcher from StarLabs SG, Nguyễn Tiến Giang, who demonstrated an exploit for the flaw at the Pwn2Own Vancouver hacking contest and received a $100,000 prize. The exploit chain includes authentication bypass (CVE-2023–29357) and code injection (CVE-2023-24955, CVSS score: 7.2). These vulnerabilities were carefully researched and exploited over nearly a year.
As of now, the specifics of real-world exploitation of CVE-2023–29357 and the threat actors involved remain unknown, but federal agencies are advised to apply the patches by January 31, 2024, to protect against the active threat.
Please let me know if you need further clarification or additional information.