Subj : Microsoft SharePoint has a worrying security flaw, experts warn
To   : All
From : TechnologyDaily
Date : Fri Jan 12 2024 14:00:07

Microsoft SharePoint has a worrying security flaw, experts warn

Date:
Fri, 12 Jan 2024 13:58:56 +0000

Description:
Microsoft SharePoint vulnerability is being exploited in the wild, with CISA 
urging Federal firms to patch immediately.

FULL STORY
======================================================================

The US Cybersecurity and Infrastructure Agency (CISA) is warning admins that 
a Microsoft SharePoint Server flaw is now being actively exploited in the 
wild. 

In a new addition to its Known Exploited Vulnerabilities (KEV) catalog, CISA 
says CVE-2023-29357 is being used to gain elevated privileges. 

These types of vulnerabilities are frequent attack vectors for malicious 
cyber actors and pose significant risks to the federal enterprise," it noted. 
Remote access tools under assault 

Microsoft described the vulnerability as a privilege escalation flaw and 
patched it with the June 2023 Patch Tuesday cumulative update. 

"An attacker who has gained access to spoofed JWT authentication tokens can 
use them to execute a network attack which bypasses authentication and allows 
them to gain access to the privileges of an authenticated user," Microsoft 
said. "The attacker needs no privileges nor does the user need to perform any 
action." 

As per TheHackerNews , security researcher Nguyn Tin Giang (Jang) of StarLabs 
SG showed the vulnerability in action at the Pwn2Own Vancouver hacking 
contest and earned $100,000 in prize money. He chained the flaw with 
CVE-2023-24955 (patched in May this year), and gained remote code execution 
capabilities on an infected endpoint. 

The latter had a severity score of 7.2. 

"The process of discovering and crafting the exploit chain consumed nearly a 
year of meticulous effort and research to complete the full exploit chain," 
the researcher said in a report published in September last year. 

CISA did not share more details in its alert, so we dont know who the threat 
actors are, or who theyre targeting, other than the fact that the victims 
could be Federal organizations. CISA strongly urges all organizations to 
reduce their exposure to cyberattacks by prioritizing timely remediation of 
Catalog vulnerabilities as part of their vulnerability management practice, 
the organization concluded. More from TechRadar Pro Remote Access vs Remote 
Desktop: What's the difference? Here's a list of the best firewalls around 
today These are the best remote desktop tools on offer for your business



======================================================================
Link to news story:
https://www.techradar.com/pro/security/microsoft-sharepoint-has-a-worrying-sec
urity-flaw-experts-warn


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.