Microsoft SharePoint Vulnerability

  • CERT Admin
  • Mon May 13 2019
  • Alerts

Systems Affected 

    ✦  Microsoft SharePoint Enterprise Server 2016;
    ✦  Microsoft SharePoint Foundation 2010 Service Pack 2
    ✦  Microsoft SharePoint Foundation Service Pack 1
    ✦  Microsoft SharePoint Server 2010 Service Pack 2
    ✦  Microsoft SharePoint Server 2013 Service Pack 1
    ✦  Microsoft SharePoint Server 2019

Threat Level

High

Overview 

Several version of Microsoft SharePoint Server was found deploying the Chine Chopper web shell. It was identified that compromised systems belongs to the academic, utility, heavy industry, manufacturing and technology sectors.

Description 

Microsoft SharePoint Server Software fails to check the markup of an application stage. An attacker who could successfully compromised the system could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. 

Impact 

  ✦  Stealing sensitive information from the tricked user
  ✦  Remote Code execution
  ✦  Distributing malware

Solution/ Workarounds 

  ✻  Update the latest version of the Mozilla's Firefox on Windows, Linux and Mac.

References 

  ✦  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604
  ✦  https://cyber.gc.ca/en/alerts/china-chopper-malware-affecting-sharepoint-servers

Disclaimer 

The information provided herein is on "as is" basis, without warranty of any kind.
 

Last updated: Mon May 13 2019