Open Nav
Sign Up

Urgent Security Advisory: Active Exploitation of Microsoft SharePoint Vulnerability

Bar Refael

January 14, 2024

Active Exploitation of Microsoft SharePoint Vulnerability

In alignment with OP Innovate’s commitment to robust cybersecurity, we are urgently notifying our clients about a critical security vulnerability in Microsoft SharePoint Server. This advisory incorporates recent alerts from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) to provide comprehensive guidance.

Vulnerability Overview:

  • CVE Identifier: CVE-2023-29357
  • Severity: High (CVSS score: 9.8)
  • Vulnerability Type: Privilege Escalation Flaw in Microsoft SharePoint Server
  • Status: Actively Exploited

Impact and Exploitation:

This vulnerability allows attackers to gain administrator-level access through a privilege escalation flaw. It is exploited via spoofed JWT authentication tokens, bypassing standard authentication procedures and gaining unauthorized access.

CISA Alert and BOD 22-01 Directive:

  • CISA added CVE-2023-29357 to its Known Exploited Vulnerabilities Catalog on January 10, 2024, due to active exploitation.
  • The Binding Operational Directive (BOD) 22-01 requires Federal Civilian Executive Branch agencies to remediate such vulnerabilities urgently.
  • Although BOD 22-01 specifically targets federal agencies, CISA strongly recommends all organizations prioritize the remediation of these vulnerabilities.

Patch and Response:

Microsoft released patches in June 2023. We strongly urge all clients using Microsoft SharePoint Server to apply these updates immediately.

OP Innovate’s Advisory:

  • Immediate Action: Apply the Microsoft patches for CVE-2023-29357 without delay.
  • Review Security Posture: We advise reviewing your organization’s overall security posture to ensure resilience against such vulnerabilities.
  • Stay Informed: OP Innovate is committed to providing ongoing updates and support regarding this and other cybersecurity threats.

Conclusion:

The security of our clients’ digital assets is paramount. This advisory underlines the importance of swift and decisive action to mitigate the risks posed by CVE-2023-29357. We are committed to assisting our clients in navigating these challenges to maintain system integrity.

Stay Safe and Secure,

OP Innovate Cybersecurity Team.

Resources highlights

New Linux Vulnerabilities (CVE-2025-6018 & CVE-2025-6019) Enable Full Root Access in Seconds

Security researchers have uncovered a critical privilege escalation chain in major Linux distributions that allows any local user with a session (SSH or GUI) to…

Read more >

CVE-2025-6018, CVE-2025-6019

Zero to Hero: How Our Red Team Turned a Sticky Note Into Full Cloud Compromise

“The weakest link in your security chain might be sitting right on your desk.” At OP Innovate, our CREST-certified red team is trained to think…

Read more >

OP Innovate Red Team

One-Third of All Grafana Instances Vulnerable to XSS (CVE-2025-4123)

Over 46,000 internet-facing Grafana servers (≈36 % of those online) are still running versions susceptible to CVE-2025-4123, a high-severity open-redirect that chains into stored cross-site…

Read more >

CVE-2025-4123

New Microsoft Outlook Vulnerability Enables Local Code Execution (CVE-2025-47176)

Published: June 11, 2025 Threat Level: High Affected Product: Microsoft Outlook (Microsoft 365 Apps for Enterprise, Office LTSC 2024) CVSS Score: 7.8 (High) A newly…

Read more >

CVE-2025-47176

How MSSPs Are Turning Penetration Testing Into Recurring Revenue with WASP

When OP Innovate first launched WASP in 2022, we weren’t chasing unicorn status or massive VC rounds. We were focused on fixing a real problem:…

Read more >

CVE-2025-49113: Actively Exploited Critical Vulnerability in Roundcube Webmail

Severity: Critical (CVSS 9.9) Status: Active Exploitation Confirmed On June 1, 2025, Roundcube developers issued critical security updates to patch a newly discovered vulnerability in…

Read more >

CVE-2025-49113.
Under Cyber Attack?

Fill out the form and we will contact you immediately.