Microsoft SharePoint Vulnerability Added in CISA Known Exploits - 20241024002

Overview

The WA SOC has been made aware of a deserialisation vulnerability in Microsoft SharePoint that allows remote code execution. A threat actor with Site Owner access could use this vulnerability to inject and execute arbitrary code within SharePoint Server.

What is vulnerable?

| Product(s) | Versions | CVE # | Severity | CVSS |
|---|---|---|---|---|
| Microsoft SharePoint Enterprise Server 2016 | 16.0.0 \< 16.0.5456.1000 | CVE-2024-38094 | High | 7.2 |
| Microsoft SharePoint Server 2019 | 16.0.0 \< 16.0.10412.20001 | CVE-2024-38094 | High | 7.2 |
| Microsoft SharePoint Server Subscription Edition | 16.0.0 \< 16.0.17328.20424 | CVE-2024-38094 | High | 7.2 |
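
One way to triage a server inventory against the fixed builds listed above (an added example, not WA SOC or Microsoft code). The CSV layout, hostnames and sample builds are constructed assumptions; builds are compared numerically because a plain string comparison would rank 16.0.9999.x above 16.0.10412.x and report an unpatched server as patched.

```python
import csv
import io

# Fixed builds copied from the advisory table for CVE-2024-38094.
FIXED_BUILDS = {
    "Microsoft SharePoint Enterprise Server 2016": (16, 0, 5456, 1000),
    "Microsoft SharePoint Server 2019": (16, 0, 10412, 20001),
    "Microsoft SharePoint Server Subscription Edition": (16, 0, 17328, 20424),
}
RANGE_START = (16, 0, 0, 0)  # lower bound of every range in the table

# Constructed sample inventory: host,product,build (illustrative values only).
SAMPLE_INVENTORY = """\
sp16-app01,Microsoft SharePoint Enterprise Server 2016,16.0.5448.1000
sp19-wfe01,Microsoft SharePoint Server 2019,16.0.10412.20001
spse-app02,Microsoft SharePoint Server Subscription Edition,16.0.17328.20292
sp19-wfe02,Microsoft SharePoint Server 2019,16.0.9999.1
sp-legacy,Microsoft SharePoint Server 2013,15.0.5545.1000
spse-app03,Microsoft SharePoint Server Subscription Edition,unknown
"""

def parse_build(text):
    """Return the build as a 4-tuple of ints, or None if it is not a dotted number."""
    try:
        nums = [int(p) for p in text.strip().split(".")]
    except ValueError:
        return None
    if len(nums) > 4 or any(n < 0 for n in nums):
        return None
    return tuple(nums + [0] * (4 - len(nums)))

def classify(product, build_text):
    """Classify one server against the advisory's version ranges."""
    fixed = FIXED_BUILDS.get(product.strip())
    if fixed is None:
        return "NOT_LISTED"        # product is not in the advisory table
    build = parse_build(build_text)
    if build is None:
        return "UNKNOWN_BUILD"     # needs manual follow-up, never assume patched
    if build >= fixed:
        return "PATCHED"
    return "VULNERABLE" if build >= RANGE_START else "NOT_LISTED"

def triage(inventory_text):
    rows = csv.reader(io.StringIO(inventory_text))
    return [(r[0], classify(r[1], r[2])) for r in rows if len(r) == 3]

if __name__ == "__main__":
    print(*triage(SAMPLE_INVENTORY), sep="\n")
```

Servers reported as `UNKNOWN_BUILD` should be checked by hand rather than treated as patched.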

What has been observed?

There are currently no reports of these vulnerabilities being exploited in the wild at the time of publishing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within the expected timeframe of 48 hours (refer to Patch Management):

Additional References