Microsoft SharePoint RCE bug exploited to breach corporate network
A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. [...]
Remote code execution lets attackers run commands on a target system, enabling full compromise; patch exposed software and restrict privileges.
Search across headline titles and summaries.
Background for this topic.
Remote code execution (RCE) is the ability of an attacker to make a system run attacker-chosen code from a remote position, usually by exploiting a flaw in a network-facing application, service, protocol, or the processing of untrusted content. Unlike simple unauthorized access, successful RCE can run with the privileges of the affected process, enabling actions such as accessing data, changing configuration, disrupting a service, establishing persistence, or moving to other systems. Exploitability depends on factors including network reachability, authentication requirements, configuration, and whether execution is constrained.
Defenders should prioritize exposed RCE vulnerabilities in vulnerability management: inventory reachable assets, apply fixes or vendor mitigations, and restrict access or disable vulnerable functionality where patching is not immediately possible. Least privilege and service isolation limit the damage if exploitation succeeds. Secure input handling, safe deserialization, and avoiding unnecessary shell invocation reduce common attack paths. Monitoring for unusual process creation and outbound connections can support detection; suspected exploitation warrants prompt investigation, preservation of relevant logs, credential rotation where appropriate, and checks for persistence.
A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. [...]
Factory automation software from Mitsubishi Electric and Rockwell Automation could be subject to remote code execution (RCE), denial-of-service (DoS), and more.
qBittorrent has addressed a remote code execution flaw caused by the failure to validate SSL/TLS certificates in the application's DownloadManager, a component that manages downloads throughout the app. [...]
Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. [...]
A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft