CVE-2019-0604

critical

Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.

From the Tenable Blog

CVE-2019-0604: Critical Microsoft SharePoint Remote Code Execution Flaw Actively Exploited
CVE-2019-0604: Critical Microsoft SharePoint Remote Code Execution Flaw Actively Exploited

Published: 2019-12-12

The SharePoint flaw first exploited in the wild in May continues to be exploited nine months after it was patched by Microsoft. Background On December 10, security researcher Kevin Beaumont published a tweet cautioning organizations to patch a Microsoft SharePoint flaw that’s been actively exploited in the wild since at least May, and has since remained a valuable asset to cybercriminals.

References

https://www.securityweek.com/iranian-apt-operating-as-initial-access-provider-to-networks-in-the-middle-east/

https://thehackernews.com/2024/09/iranian-apt-unc1860-linked-to-mois.html

https://cloud.google.com/blog/topics/threat-intelligence/unc1860-iran-middle-eastern-networks/

https://research.checkpoint.com/2024/bad-karma-no-justice-void-manticore-destructive-activities-in-israel/

https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem

https://web.archive.org/web/20211025233339/https://twitter.com/pancak3lullz/status/1452679527197560837

https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a

https://www.trendmicro.com/en_ph/research/21/d/hello-ransomware-uses-updated-china-chopper-web-shell-sharepoint-vulnerability.html

https://www.tenable.com/blog/microsoft-s-december-2020-patch-tuesday-addresses-58-cves-including-cve-2020-25705-sad-dns

https://www.tenable.com/blog/microsoft-s-november-2020-patch-tuesday-addresses-112-cves-including-cve-2020-17087

https://www.tenable.com/blog/microsoft-s-september-2020-patch-tuesday-addresses-129-cves

https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-133a

https://www.tenable.com/blog/critical-vulnerabilities-you-need-to-find-and-fix-to-protect-the-remote-workforce

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604

http://www.securityfocus.com/bid/106914

Details

Source: Mitre, NVD

Published: 2019-03-05

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical