The US cybersecurity agency CISA has warned that threat actors are exploiting a critical Microsoft SharePoint Server vulnerability in the wild.
The flaw, addressed in the June 2023 Patch Tuesday release and tracked as CVE-2023-29357 (CVSS score of 9.8), is an elevation of privilege (EoP) vulnerability that grants administrator privileges to unauthenticated attackers. An attacker can exploit it by sending a spoofed JSON Web Token (JWT) authentication token to a vulnerable SharePoint server.
According to Microsoft, successful exploitation requires no user interaction. CISA added CVE-2023-29357 to its Known Exploited Vulnerabilities (KEV) catalog this week, over three months after a proof-of-concept (PoC) exploit was published. The listing indicates that threat actors are actively using the flaw in attacks against SharePoint servers.