Detections
Analytics
CVE-2019-0604
critical
Description
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.
From the Tenable Blog
CVE-2019-0604: Critical Microsoft SharePoint Remote Code Execution Flaw Actively Exploited
Published: 2019-12-12
The SharePoint flaw first exploited in the wild in May continues to be exploited nine months after it was patched by Microsoft. Background On December 10, security researcher Kevin Beaumont published a tweet cautioning organizations to patch a Microsoft SharePoint flaw that’s been actively exploited in the wild since at least May, and has since remained a valuable asset to cybercriminals.
References
https://www.securityweek.com/cisa-fbi-warn-of-china-linked-ghost-ransomware-attacks/
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-050a
https://thehackernews.com/2024/09/iranian-apt-unc1860-linked-to-mois.html
https://cloud.google.com/blog/topics/threat-intelligence/unc1860-iran-middle-eastern-networks/
https://www.netwitness.com/wp-content/uploads/FIN13-Elephant-Beetle-NetWitness.pdf
https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem
https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a
https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-133a