Home Security CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

by


Oct 23, 2024Ravie LakshmananVulnerability / Threat Intelligence

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation.

The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result in remote code execution.

“An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server,” Microsoft said in an alert for the flaw.

Cybersecurity

Patches for the security defect were released by Redmond as part of its Patch Tuesday updates for July 2024. The exploitation risk is compounded by the fact that proof-of-concept (PoC) exploits for the flaw are available in the public domain.

“The PoC script […] automates authentication to a target SharePoint site using NTLM, creates a specific folder and file, and sends a crafted XML payload to trigger the vulnerability in the SharePoint client API,” SOCRadar said.

There are currently no reports about how CVE-2024-38094 is exploited in the wild. In light of in-the-wild abuse, Federal Civilian Executive Branch (FCEB) agencies are required to apply the latest fixes by November 12, 2024, to secure their networks.

The development comes as Google’s Threat Analysis Group (TAG) revealed that a now-patched zero-day vulnerability in Samsung’s mobile processors has been weaponized as part of an exploit chain to achieve arbitrary code execution.

Assigned the CVE identifier CVE-2024-44068 (CVSS score of 8.1), it has been addressed as of October 7, 2024, with the South Korean electronics giant characterizing it as a “use-after-free in the mobile processor [that] leads to privilege escalation.”

While Samsung’s terse advisory makes no mention of it having been exploited in the wild, Google TAG researchers Xingyu Jin and Clement Lecigne said a zero-day exploit for the shortcoming is used as part of a privilege escalation chain.

“The actor is able to execute arbitrary code in a privileged cameraserver process,” the researchers said. “The exploit also renamed the process name itself to ‘vendor.samsung.hardware.camera.provider@3.0-service,’ probably for anti-forensic purposes.”

Cybersecurity

The disclosures also follow a new proposal from CISA that puts forth a series of security requirements in order to prevent bulk access to U.S. sensitive personal data or government-related data by countries of concern and covered persons.

In line with the requirements, organizations are expected to remediate known exploited vulnerabilities within 14 calendar days, critical vulnerabilities with no exploit within 15 calendar days, and high-severity vulnerabilities with no exploits within 30 calendar days.

“To ensure and validate that a covered system denies covered persons access to covered data, it is necessary to maintain audit logs of such accesses as well as organizational processes to utilize those logs,” the agency said.

“Similarly, it is necessary for an organization to develop identity management processes and systems to establish an understanding of what persons may have access to different data sets.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex