CVE-2020-17118 : Security Advisory and Response
Learn about CVE-2020-17118, a Remote Code Execution vulnerability in Microsoft SharePoint affecting versions 2010, 2013, 2016, and 2019. Find mitigation steps and prevention measures here.
Microsoft SharePoint Remote Code Execution Vulnerability was published on December 8, 2020, with a CVSS base score of 8.1.
Understanding CVE-2020-17118
This CVE identifies a Remote Code Execution vulnerability in Microsoft SharePoint.
What is CVE-2020-17118?
The CVE-2020-17118 is a Remote Code Execution vulnerability affecting Microsoft SharePoint.
The Impact of CVE-2020-17118
This vulnerability allows attackers to execute arbitrary code on the SharePoint server, potentially leading to complete system compromise.
Technical Details of CVE-2020-17118
This section provides detailed technical information about the vulnerability.
Vulnerability Description
The vulnerability allows remote attackers to execute code on the affected SharePoint servers.
Affected Systems and Versions
- Microsoft SharePoint Enterprise Server 2016 (Version 16.0.0)
- Microsoft SharePoint Server 2019 (Version 16.0.0)
- Microsoft SharePoint Foundation 2010 Service Pack 2 (Version 13.0.0)
- Microsoft SharePoint Foundation 2013 Service Pack 1 (Version 15.0.0)
Exploitation Mechanism
The vulnerability can be exploited remotely by sending a specially crafted request to the SharePoint server.
Mitigation and Prevention
Protect your systems from CVE-2020-17118 with the following steps:
Immediate Steps to Take
- Apply the latest security updates from Microsoft.
- Implement network segmentation to limit exposure.
- Monitor network traffic for any suspicious activity.
Long-Term Security Practices
- Regularly update and patch all software and systems.
- Conduct security assessments and penetration testing.
- Educate users on security best practices.
Patching and Updates
Ensure that all SharePoint servers are updated with the latest security patches to mitigate the risk of exploitation.