This Week Health
Alex's Lemonade Stand This Week Health
<- Back to Insights
October 24, 2024

CISA Warns of Critical Microsoft SharePoint Vulnerability Amid Active Exploitation

The Hacker News
|
Contributed by: Drex DeFord
Summary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has classified a high-severity vulnerability in Microsoft SharePoint, identified as CVE-2024-38094, as part of its Known Exploited Vulnerabilities catalog following indications of active exploitation. This deserialization vulnerability, which carries a CVSS score of 7.2, permits authenticated attackers with Site Owner permissions to inject arbitrary code into SharePoint Server. Microsoft has addressed this issue in its July 2024 Patch Tuesday updates. The concern is amplified by the existence of proof-of-concept exploits in the public domain, despite no confirmed real-world incidents. CISA requires Federal Civilian Executive Branch agencies to implement the security updates by November 12, 2024.

Explore Related Topics

Subscribe Now to Receive Seven Top Stories Daily to Your Inbox

Subscribe News
Healthcare Transformation Powered by Community

© Copyright 2024 Health Lyrics All rights reserved