Critical SharePoint, Qakbot-linked flaws focus of May Patch Tuesday | Computer Weekly
Briefly

Microsoft's Patch Tuesday update addresses a critical remote code execution (RCE) vulnerability in SharePoint Server (CVE-2024-30044), allowing authenticated attackers with site owner permissions to trigger RCE by uploading crafted files and generating API requests.
Mike Walters, President of Action1, highlighted the severity of CVE-2024-30044, which stems from the deserialization of untrusted data and enables attackers to execute arbitrary code remotely, potentially leading to web shell deployment, malware installation, or extraction of sensitive data.
Walters emphasized that even an attacker with basic Site Viewer permissions could exploit the SharePoint flaw to significant effect, such as establishing persistent access, escalating privileges, and moving to full administrative control within the network.
Read at ComputerWeekly.com