Active Exploitation of Two Critical Flaws in Microsoft SharePoint

Summary:

Active attacks targeting a critical Microsoft SharePoint Server vulnerability (CVE-2023-29357) pose a severe risk, enabling privilege escalation for potential full administrator access. This flaw, coupled with CVE-2023-24955, allows arbitrary code execution. Immediate patching is crucial, as fixes have been available since June 2023’s Patch Tuesday.

Threat Level – Red | Vulnerability Report

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.