PoC Released to Exploit Vulnerability Affecting SharePoint and Others

NJCCIC Advisory

Original Release Date: 7/23/2020

Summary

A vulnerability, CVE-2020-1147, was found in two .NET components used to manage data sets in Microsoft SharePoint, .NET Framework, and Visual Studio. A threat actor could exploit this vulnerability by uploading a specially crafted document to a server running an affected product. This could allow arbitrary code to run in the context of the process responsible for deserializing XML content. Fully patching the vulnerability requires installing both the .NET Framework update and the update for the affected product. Affected products include .NET Core, .NET Framework, SharePoint Enterprise Server 2013 and 2016, SharePoint Server 2010 and 2019, and Visual Studio 2017 and 2019. A proof of concept (PoC) to exploit the flaw has recently been published, prompting urgent calls to patch as soon as possible.

Recommendations

The NJCCIC advises users and administrators to apply patches to affected products immediately after appropriate testing. Information on the vulnerability and update links can be found in the Microsoft advisory.

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov
