b2b-daily
Home | IT | Cyber Security

Critical Vulnerabilities in Microsoft SharePoint Server Expose Servers to Remote Code Execution

Avatar photo
by Dwaine Evans
September 28, 2023
Image Credit: Unsplash
Critical Vulnerabilities in Microsoft SharePoint Server Expose Servers to Remote Code Execution
Table of Contents
  1. Chaining the Vulnerabilities
  2. Proof-of-Concept Code Release
  3. Vulnerability Details
  4. Microsoft's Warning
  5. Exploit Chain Description
  6. Proof of Admin Privileges Exploit
  7. Chaining Exploits for Complete System Compromise
  8. Exploit Limitations
  9. Increased Likelihood of Exploitation

Microsoft SharePoint Server, a widely used collaboration platform, has recently been found to have two critical vulnerabilities that can enable remote code execution and elevation of privileges on affected servers. Security researchers have not only discovered these flaws but have also released details of an exploit chain they developed. Additionally, a separate researcher has shared proof-of-concept code demonstrating how one of the vulnerabilities can be exploited to gain admin privileges on vulnerable systems.

Chaining the Vulnerabilities

The two vulnerabilities are tracked as CVE-2023-29357 and CVE-2023-24955. Microsoft has addressed these issues in their security updates for June and May, respectively. The researchers from Singapore-based StarLabs have successfully created an exploit chain using these vulnerabilities, which allows them to achieve pre-authentication remote code execution on affected systems. This capability poses a significant threat as it compromises the security of data and system integrity.

Proof-of-Concept Code Release

Furthermore, an independent security researcher has published proof-of-concept code on GitHub, showcasing how an attacker can exploit CVE-2023-29357 to gain administrative privileges on unpatched SharePoint Server 2019 systems. This release highlights the potential impact on vulnerable systems that have not applied the necessary security updates.

Vulnerability Details

CVE-2023-29357 is an elevation of privilege flaw found in SharePoint Server 2019. Microsoft addressed this vulnerability in their June security update. On the other hand, CVE-2023-24955 is a remote code execution vulnerability that was patched in May. Both vulnerabilities have been categorized as critical by Microsoft, indicating their potential severity and the likelihood of exploitation.

Microsoft’s Warning

Recognizing the critical nature of these vulnerabilities, Microsoft has alerted users about the heightened risk of exploitation in the coming months. As the exploit chain and proof-of-concept code have been released, malicious entities are increasingly likely to leverage these vulnerabilities to compromise SharePoint servers.

Exploit Chain Description

The researchers from StarLabs have provided details of the exploit chain they developed, enabling pre-authentication remote code execution on affected systems. Their breakthrough demonstrates the severity of these vulnerabilities and the impact they can have on overall system security.

Proof of Admin Privileges Exploit

In addition to the exploit chain, a separate security researcher has shared proof-of-concept code demonstrating how an attacker can gain admin privileges on unpatched SharePoint Server 2019 systems using CVE-2023-29357. This exploit further emphasizes the importance of promptly applying security patches to mitigate the risk of unauthorized access.

Chaining Exploits for Complete System Compromise

While the proof-of-concept code reveals the possibility of gaining admin privileges, attackers can chain this exploit with CVE-2023-24955 to compromise the confidentiality, integrity, and availability of SharePoint servers. This comprehensive compromise can lead to severe data breaches and potential system disruption.

Exploit Limitations

It is crucial to note that the proof-of-concept code released thus far does not demonstrate remote code execution (RCE) on affected systems. While it exposes how an attacker can access details of admin users with elevated privileges, it does not provide the means for achieving RCE. Nonetheless, the combination of exploits released increases the overall risk and underscores the importance of immediate patching.

Increased Likelihood of Exploitation

With the exploit chain and proof-of-concept code now publicly accessible, the probability of malicious entities leveraging these vulnerabilities has substantially increased. Organizations that utilize SharePoint Server must be proactive in applying the required patches and remaining vigilant against potential threats targeting these vulnerabilities.

The critical vulnerabilities discovered in Microsoft SharePoint Server have major implications for system security. The exploit chain and proof-of-concept code released by researchers highlight the severity of the vulnerabilities and the potential for unauthorized access and remote code execution. It is vital for organizations to stay up to date with the latest security updates and promptly apply patches to mitigate the risk of exploitation. Maintaining a vigilant approach to security is paramount in safeguarding SharePoint Server and protecting sensitive data from potential breaches.

Digital TransformationInformation SecurityMicrosoft

Explore more

AI Redefines the Data Engineer’s Strategic Role
January 30, 2026

A self-driving vehicle misinterprets a stop sign, a diagnostic AI misses a critical tumor marker, a financial model approves a fraudulent transaction—these catastrophic failures often trace back not to a flawed algorithm, but to the silent, foundational layer of data it was built upon. In this high-stakes environment, the role of the data engineer has been irrevocably transformed. Once a

Generative AI Data Architecture – Review
January 30, 2026

The monumental migration of generative AI from the controlled confines of innovation labs into the unpredictable environment of core business operations has exposed a critical vulnerability within the modern enterprise. This review will explore the evolution of the data architectures that support it, its key components, performance requirements, and the impact it has had on business operations. The purpose of

Is Data Science Still the Sexiest Job of the 21st Century?
January 30, 2026

More than a decade after it was famously anointed by Harvard Business Review, the role of the data scientist has transitioned from a novel, almost mythical profession into a mature and deeply integrated corporate function. The initial allure, rooted in rarity and the promise of taming vast, untamed datasets, has given way to a more pragmatic reality where value is

Trend Analysis: Digital Marketing Agencies
January 30, 2026

The escalating complexity of the modern digital ecosystem has transformed what was once a manageable in-house function into a specialized discipline, compelling businesses to seek external expertise not merely for tactical execution but for strategic survival and growth. In this environment, selecting a marketing partner is one of the most critical decisions a company can make. The right agency acts

AI Will Reshape Wealth Management for a New Generation
January 30, 2026

The financial landscape is undergoing a seismic shift, driven by a convergence of forces that are fundamentally altering the very definition of wealth and the nature of advice. A decade marked by rapid technological advancement, unprecedented economic cycles, and the dawn of the largest intergenerational wealth transfer in history has set the stage for a transformative era in US wealth