The U.S. Cybersecurity and Infrastructure Safety Company (CISA) has added a crucial security vulnerability impacting Microsoft SharePoint Server to its Identified Exploited Vulnerabilities (KEV) catalog, citing proof of energetic exploitation.
The problem, tracked as CVE-2023-29357 (CVSS rating: 9.8), is a privilege escalation flaw that could possibly be exploited by an attacker to achieve administrator privileges. Microsoft launched patches for the bug as a part of its June 2023 Patch Tuesday updates.
“An attacker who has gained entry to spoofed JWT authentication tokens can use them to execute a community assault which bypasses authentication and permits them to achieve entry to the privileges of an authenticated consumer,” Redmond stated. “The attacker wants no privileges nor does the consumer have to carry out any motion.”
Safety researcher Nguyễn Tiến Giang (Jang) of StarLabs SG demonstrated an exploit for the flaw on the Pwn2Own Vancouver hacking contest, incomes a $100,000 prize.
The pre-authenticated distant code execution chain combines authentication bypass (CVE-2023–29357) with a code injection bug (CVE-2023-24955, CVSS rating: 7.2), the latter of which was patched by Microsoft in Could 2023.
“The method of discovering and crafting the exploit chain consumed almost a 12 months of meticulous effort and analysis to finish the complete exploit chain,” Tiến Giang famous in a technical report printed in September 2023.
Extra specifics of the real-world exploitation of CVE-2023–29357 and the id of the risk actors that could be abusing them are presently unknown. That stated, federal companies are really helpful to use the patches by January 31, 2024, to safe towards the energetic risk.
