KEV · Actively exploited
CVE-2023-29357
CRITICAL 9.8
KEV
Microsoft SharePoint Server Elevation of Privilege Vulnerability
EPSS
94.36%
exploit likely
percentile 100.0%
CISA Known Exploited Vulnerability
- Added to KEV
- 2024-01-10
- Remediation deadline
- 2024-01-31
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Ransomware
- Yes, known ransomware campaign