CVE-2024-38094 - Microsoft SharePoint Deserialization Vulnerability

CVE-2024-38094: Microsoft | SharePoint

Date Added:
2024-10-22

Due Date:
2024-11-12

Vulnerability Name: Microsoft SharePoint Deserialization Vulnerability

Description: Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38094

Related News Articles

Microsoft SharePoint RCE bug exploited to breach corporate networkNovember 2, 2024

Exploited: Cisco, SharePoint, Chrome vulnerabilitiesOctober 25, 2024

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)October 23, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard