CISA warns of SharePoint vulnerabilities exploited by hackersÂ
The Cybersecurity and Infrastructure Security Agency has issued an alert warning of four Microsoft SharePoint vulnerabilities being exploited by cyber threat actors. CISA said the vulnerabilities affect all supported on-premises versions of SharePoint Server, including the Subscription Edition, 2019 and 2016. Threat actors can establish remote code execution and perform other actions to deploy malware. CISA said organizations should monitor SharePoint Servers closely for any signs of exploitation or unusual activity. An additional vulnerability was found, but it is not yet known to have been exploited. Microsoft identified it as a potential risk if it is left unpatched. CISA urged organizations to apply the latest patches and security updates from Microsoft, among other recommendations.
“Nearly everyone using Microsoft products is using SharePoint, the backbone of the Office suite,” said Scott Gee, AHA deputy national advisor for cybersecurity and risk. “Hospitals with their SharePoint instances housed on premises should pay particular attention to this alert. The common vulnerabilities and exposures listed in the report have patches available, and they should be deployed as soon as possible. Hospitals should also verify that the security measures mentioned are in place.”
For more information on this or other cyber and risk issues, contact Gee at sgee@aha.org, or John Riggi, AHA national advisor for cybersecurity and risk, at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.