Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
CISA Highlights Exploited SharePoint Vulnerability

CISA Highlights Exploited SharePoint Vulnerability

Posted on July 17, 2026 By CWS

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a critical security flaw in Microsoft SharePoint Server. Added to the Known Exploited Vulnerabilities (KEV) catalog on Thursday, this flaw necessitates immediate action from Federal Civilian Executive Branch (FCEB) agencies. These agencies are required to implement the necessary fixes by July 19, 2026, to protect their systems against potential exploits.

Details of the SharePoint Vulnerability

Identified as CVE-2026-58644, the vulnerability carries a CVSS score of 9.8, indicating its severity. It involves the deserialization of untrusted data, which allows attackers without authorization to execute arbitrary code. Microsoft’s advisory highlights that attackers could exploit this flaw remotely by posing as a Site Owner, thereby injecting and executing code on the SharePoint Server.

This vulnerability affects several versions of SharePoint Server, including the Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016. The flaw was addressed in the Patch Tuesday updates on July 14, 2026, with Microsoft confirming that this vulnerability was actively exploited as a zero-day before the patch release.

Active Exploitation and Additional Threats

CISA has noted that this vulnerability is not the only one under active exploitation. Alongside CVE-2026-58644, other SharePoint Server vulnerabilities like CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164 are also being targeted. These vulnerabilities allow attackers to gain unauthorized access and execute remote code, furthering the risk of persistence and malware deployment.

The federal agency emphasizes the risk to all supported on-premises SharePoint Server versions, warning of techniques used by threat actors, such as stealing Internet Information Services (IIS) machine keys and using deserialization tactics to escalate attacks.

Recommended Mitigation Strategies

In response, CISA has provided a series of hardening measures. Agencies are urged to apply the latest security patches from Microsoft promptly and ensure successful installation. The use of Antimalware Scan Interface (AMSI) integration for each SharePoint web application is also recommended.

Additional steps include scanning for intrusion artifacts, rotating IIS machine keys, and establishing robust logging mechanisms to detect exploitation attempts. CISA advises against exposing SharePoint Servers directly to the internet, restricting access to necessary systems, and following Microsoft’s security-hardening guidance.

Furthermore, CISA has identified two critical vulnerabilities in Fortinet FortiSandbox, CVE-2026-25089 and CVE-2026-39808, adding them to the KEV catalog due to active exploitation reports. Federal agencies are once again urged to update their systems by July 19, 2026.

In light of these developments, it is imperative for organizations to act swiftly to secure their systems against these evolving threats.

The Hacker News Tags:CISA, Cybersecurity, Fortinet, Microsoft, Patch Tuesday, RCE, security flaw, SharePoint, Vulnerability, zero-day

Post navigation

Previous Post: Coca-Cola Halts Fairlife Production Following Cyber Attack
Next Post: New SharePoint Security Gap Exploited After Disclosure

Related Posts

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware The Hacker News
How to Gain Control of AI Agents and Non-Human Identities How to Gain Control of AI Agents and Non-Human Identities The Hacker News
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats The Hacker News
AI Arms Race: Prioritizing Unified Exposure Management AI Arms Race: Prioritizing Unified Exposure Management The Hacker News
Fortinet FortiSandbox Vulnerabilities Under Attack Fortinet FortiSandbox Vulnerabilities Under Attack The Hacker News
Critical SolarWinds Vulnerability Listed as Actively Exploited Critical SolarWinds Vulnerability Listed as Actively Exploited The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • CISA Alerts on Critical Fortinet Vulnerabilities
  • New SharePoint Security Gap Exploited After Disclosure
  • CISA Highlights Exploited SharePoint Vulnerability
  • Coca-Cola Halts Fairlife Production Following Cyber Attack
  • 7-Zip Flaw Risks Remote Code Execution for Millions

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • CISA Alerts on Critical Fortinet Vulnerabilities
  • New SharePoint Security Gap Exploited After Disclosure
  • CISA Highlights Exploited SharePoint Vulnerability
  • Coca-Cola Halts Fairlife Production Following Cyber Attack
  • 7-Zip Flaw Risks Remote Code Execution for Millions

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark