logo
Home/CVEs/CVE-2024-38094/

CVE-2024-38094 - Microsoft SharePoint Deserialization Vulnerability

Project:Microsoft

Product:SharePoint

Date Added:2024-10-22Due Date:2024-11-12

Vulnerability Name

Microsoft SharePoint Deserialization Vulnerability

Description

Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094

https://nvd.nist.gov/vuln/detail/CVE-2024-38094

Related News Articles

Microsoft SharePoint RCE bug exploited to breach corporate networkNovember 2, 2024

Exploited: Cisco, SharePoint, Chrome vulnerabilitiesOctober 25, 2024

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)October 23, 2024