Critical Vulnerabilities in Microsoft SharePoint Server Expose Servers to Remote Code Execution

Microsoft SharePoint Server, a widely used collaboration platform, has recently been found to have two critical vulnerabilities that can enable remote code execution and elevation of privileges on affected servers. Security researchers have not only discovered these flaws but have also released details of an exploit chain they developed. Additionally, a separate researcher has shared proof-of-concept code demonstrating how one of the vulnerabilities can be exploited to gain admin privileges on vulnerable systems.

Chaining the Vulnerabilities

The two vulnerabilities are tracked as CVE-2023-29357 and CVE-2023-24955. Microsoft has addressed these issues in their security updates for June and May, respectively. The researchers from Singapore-based StarLabs have successfully created an exploit chain using these vulnerabilities, which allows them to achieve pre-authentication remote code execution on affected systems. This capability poses a significant threat as it compromises the security of data and system integrity.

Proof-of-Concept Code Release

Furthermore, an independent security researcher has published proof-of-concept code on GitHub, showcasing how an attacker can exploit CVE-2023-29357 to gain administrative privileges on unpatched SharePoint Server 2019 systems. This release highlights the potential impact on vulnerable systems that have not applied the necessary security updates.

Vulnerability Details

CVE-2023-29357 is an elevation of privilege flaw found in SharePoint Server 2019. Microsoft addressed this vulnerability in their June security update. On the other hand, CVE-2023-24955 is a remote code execution vulnerability that was patched in May. Both vulnerabilities have been categorized as critical by Microsoft, indicating their potential severity and the likelihood of exploitation.

Microsoft’s Warning

Recognizing the critical nature of these vulnerabilities, Microsoft has alerted users about the heightened risk of exploitation in the coming months. As the exploit chain and proof-of-concept code have been released, malicious entities are increasingly likely to leverage these vulnerabilities to compromise SharePoint servers.

Exploit Chain Description

The researchers from StarLabs have provided details of the exploit chain they developed, enabling pre-authentication remote code execution on affected systems. Their breakthrough demonstrates the severity of these vulnerabilities and the impact they can have on overall system security.

Proof of Admin Privileges Exploit

In addition to the exploit chain, a separate security researcher has shared proof-of-concept code demonstrating how an attacker can gain admin privileges on unpatched SharePoint Server 2019 systems using CVE-2023-29357. This exploit further emphasizes the importance of promptly applying security patches to mitigate the risk of unauthorized access.

Chaining Exploits for Complete System Compromise

While the proof-of-concept code reveals the possibility of gaining admin privileges, attackers can chain this exploit with CVE-2023-24955 to compromise the confidentiality, integrity, and availability of SharePoint servers. This comprehensive compromise can lead to severe data breaches and potential system disruption.

Exploit Limitations

It is crucial to note that the proof-of-concept code released thus far does not demonstrate remote code execution (RCE) on affected systems. While it exposes how an attacker can access details of admin users with elevated privileges, it does not provide the means for achieving RCE. Nonetheless, the combination of exploits released increases the overall risk and underscores the importance of immediate patching.

Increased Likelihood of Exploitation

With the exploit chain and proof-of-concept code now publicly accessible, the probability of malicious entities leveraging these vulnerabilities has substantially increased. Organizations that utilize SharePoint Server must be proactive in applying the required patches and remaining vigilant against potential threats targeting these vulnerabilities.

The critical vulnerabilities discovered in Microsoft SharePoint Server have major implications for system security. The exploit chain and proof-of-concept code released by researchers highlight the severity of the vulnerabilities and the potential for unauthorized access and remote code execution. It is vital for organizations to stay up to date with the latest security updates and promptly apply patches to mitigate the risk of exploitation. Maintaining a vigilant approach to security is paramount in safeguarding SharePoint Server and protecting sensitive data from potential breaches.

Explore more

How Can Payroll Become a Key Retention Tool in LATAM and US?

This guide aims to help employers in LATAM and the US transform payroll from a routine administrative task into a strategic tool for retaining top talent. By following the outlined steps, businesses can enhance employee satisfaction, build trust, and reduce turnover in highly competitive job markets. The purpose of this guide is to demonstrate that payroll, when managed thoughtfully, becomes

How Will SRE.ai Revolutionize DevOps with AI Automation?

In today’s rapidly shifting landscape of software development, the sheer volume of custom applications being built for various software-as-a-service (SaaS) platforms has created unprecedented challenges for DevOps teams. As businesses increasingly rely on low-code and no-code tools, alongside AI-driven development, the pace of code creation often outstrips the capacity of traditional workflows to manage it effectively. Enter SRE.ai, an innovative

Standard Chartered Leads Digital Wealth Innovation in Asia Pacific

What happens when managing personal wealth becomes as effortless as scrolling through a smartphone app? In the fast-evolving financial landscape of Asia Pacific, Standard Chartered is crafting this reality for affluent clients, blending cutting-edge technology with tailored advisory services to transform how wealth is built and preserved. This pioneering approach has not only captured the attention of high-net-worth individuals but

How Does Dynamics 365 BC Simplify Month-End Closings?

Imagine if the final days of each month didn’t turn into a grueling race against time for finance teams, where a Finance Director is buried under stacks of spreadsheets, chasing last-minute data from multiple departments, and scrambling to reconcile discrepancies as the clock ticks down. Month-end closings often feel like an uphill battle, draining energy and resources when precision and

Why Business Central Suits Process Manufacturers with Vicinity

Welcome to an insightful conversation with Dominic Jainy, an IT professional with deep expertise in leveraging technology solutions for niche industries. Today, we dive into the world of process manufacturing and explore how Microsoft Dynamics 365 Business Central, when paired with specialized tools like Vicinity, can transform the operational landscape for manufacturers who rely on formulas and recipes. In this