b2b-daily
Home | IT | Cyber Security

Critical Vulnerabilities in Microsoft SharePoint Server Expose Servers to Remote Code Execution

Avatar photo
by Dwaine Evans
September 28, 2023
Image Credit: Unsplash
Critical Vulnerabilities in Microsoft SharePoint Server Expose Servers to Remote Code Execution
Table of Contents
  1. Chaining the Vulnerabilities
  2. Proof-of-Concept Code Release
  3. Vulnerability Details
  4. Microsoft's Warning
  5. Exploit Chain Description
  6. Proof of Admin Privileges Exploit
  7. Chaining Exploits for Complete System Compromise
  8. Exploit Limitations
  9. Increased Likelihood of Exploitation

Microsoft SharePoint Server, a widely used collaboration platform, has recently been found to have two critical vulnerabilities that can enable remote code execution and elevation of privileges on affected servers. Security researchers have not only discovered these flaws but have also released details of an exploit chain they developed. Additionally, a separate researcher has shared proof-of-concept code demonstrating how one of the vulnerabilities can be exploited to gain admin privileges on vulnerable systems.

Chaining the Vulnerabilities

The two vulnerabilities are tracked as CVE-2023-29357 and CVE-2023-24955. Microsoft has addressed these issues in their security updates for June and May, respectively. The researchers from Singapore-based StarLabs have successfully created an exploit chain using these vulnerabilities, which allows them to achieve pre-authentication remote code execution on affected systems. This capability poses a significant threat as it compromises the security of data and system integrity.

Proof-of-Concept Code Release

Furthermore, an independent security researcher has published proof-of-concept code on GitHub, showcasing how an attacker can exploit CVE-2023-29357 to gain administrative privileges on unpatched SharePoint Server 2019 systems. This release highlights the potential impact on vulnerable systems that have not applied the necessary security updates.

Vulnerability Details

CVE-2023-29357 is an elevation of privilege flaw found in SharePoint Server 2019. Microsoft addressed this vulnerability in their June security update. On the other hand, CVE-2023-24955 is a remote code execution vulnerability that was patched in May. Both vulnerabilities have been categorized as critical by Microsoft, indicating their potential severity and the likelihood of exploitation.

Microsoft’s Warning

Recognizing the critical nature of these vulnerabilities, Microsoft has alerted users about the heightened risk of exploitation in the coming months. As the exploit chain and proof-of-concept code have been released, malicious entities are increasingly likely to leverage these vulnerabilities to compromise SharePoint servers.

Exploit Chain Description

The researchers from StarLabs have provided details of the exploit chain they developed, enabling pre-authentication remote code execution on affected systems. Their breakthrough demonstrates the severity of these vulnerabilities and the impact they can have on overall system security.

Proof of Admin Privileges Exploit

In addition to the exploit chain, a separate security researcher has shared proof-of-concept code demonstrating how an attacker can gain admin privileges on unpatched SharePoint Server 2019 systems using CVE-2023-29357. This exploit further emphasizes the importance of promptly applying security patches to mitigate the risk of unauthorized access.

Chaining Exploits for Complete System Compromise

While the proof-of-concept code reveals the possibility of gaining admin privileges, attackers can chain this exploit with CVE-2023-24955 to compromise the confidentiality, integrity, and availability of SharePoint servers. This comprehensive compromise can lead to severe data breaches and potential system disruption.

Exploit Limitations

It is crucial to note that the proof-of-concept code released thus far does not demonstrate remote code execution (RCE) on affected systems. While it exposes how an attacker can access details of admin users with elevated privileges, it does not provide the means for achieving RCE. Nonetheless, the combination of exploits released increases the overall risk and underscores the importance of immediate patching.

Increased Likelihood of Exploitation

With the exploit chain and proof-of-concept code now publicly accessible, the probability of malicious entities leveraging these vulnerabilities has substantially increased. Organizations that utilize SharePoint Server must be proactive in applying the required patches and remaining vigilant against potential threats targeting these vulnerabilities.

The critical vulnerabilities discovered in Microsoft SharePoint Server have major implications for system security. The exploit chain and proof-of-concept code released by researchers highlight the severity of the vulnerabilities and the potential for unauthorized access and remote code execution. It is vital for organizations to stay up to date with the latest security updates and promptly apply patches to mitigate the risk of exploitation. Maintaining a vigilant approach to security is paramount in safeguarding SharePoint Server and protecting sensitive data from potential breaches.

Digital TransformationInformation SecurityMicrosoft

Explore more

How Agentic AI Combats the Rise of AI-Powered Hiring Fraud
April 6, 2026

The traditional sanctity of the job interview has effectively evaporated as sophisticated digital puppets now compete alongside human professionals for high-stakes corporate roles. This shift represents a fundamental realignment of the recruitment landscape, where the primary challenge is no longer merely identifying the best talent but confirming the actual existence of the person on the other side of the screen.

Can the Rooney Rule Fix Structural Failures in Hiring?
April 6, 2026

The persistent tension between traditional executive networking and formal hiring protocols often creates an invisible barrier that prevents many of the most qualified candidates from ever entering the boardroom or reaching the coaching sidelines. Professional sports and high-level executive searches operate in a high-stakes environment where decision-makers often default to known quantities to mitigate perceived risks. This reliance on familiar

How Can You Empower Your Team To Lead Without You?
April 6, 2026

Ling-yi Tsai, a distinguished HRTech expert with decades of experience in organizational change, joins us to discuss the fundamental shift from hands-on management to systemic leadership. Throughout her career, she has specialized in integrating HR analytics and recruitment technologies to help companies scale without losing their agility. In this conversation, we explore the philosophy of building self-sustaining businesses, focusing on

How Is AI Transforming Finance in the SAP ERP Era?
April 6, 2026

Navigating the Shift Toward Intelligence in Corporate Finance The rapid convergence of machine learning and enterprise resource planning has fundamentally shifted the baseline for financial performance across the global market. As organizations navigate an increasingly volatile global economy, the traditional Enterprise Resource Planning (ERP) model is undergoing a radical evolution. This transformation has moved past the experimental phase, finding its

Who Are the Leading B2B Demand Generation Agencies in the UK?
April 6, 2026

Understanding the Landscape of B2B Demand Generation The pursuit of a sustainable sales pipeline has forced UK enterprises to rethink how they engage with a fragmented and increasingly skeptical digital audience. As business-to-business marketing matures, demand generation has moved from a secondary support function to the primary engine for organizational growth. This analysis explores how top-tier agencies are currently navigating