CVE-2026-47298
Microsoft · Office SharePoint
Microsoft Office SharePoint contains an improper authorization vulnerability that allows an authorized attacker to execute arbitrary code remotely.
Executive summary
A high-severity authorization flaw in Microsoft SharePoint allows an attacker with low-level privileges to achieve remote code execution.
Vulnerability
The vulnerability is an improper-authorization flaw: a user holding only low-level privileges can escalate their access, and successfully triggering the flaw can result in remote code execution (RCE). Exploitation requires user interaction.
Business impact
With a CVSS score of 8.0, this vulnerability presents a significant risk to organizational infrastructure. Successful exploitation could grant an attacker full control over the SharePoint server, leading to unauthorized data access, modification, or complete system compromise, which could severely disrupt business operations.
Remediation
Immediate Action: Apply the relevant security update (KB5002873 for SharePoint Server Subscription Edition or KB5002880 for SharePoint Server 2016) without delay.
Proactive Monitoring: Monitor SharePoint application logs for suspicious activity, in particular unauthorized attempts to reach administrative functions.
Compensating Controls: Apply the principle of least privilege to SharePoint users so that fewer accounts hold the access needed to trigger this vulnerability.
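As an added example (not part of this advisory or of Microsoft's guidance), the PowerShell below lets an administrator verify on a given server whether either update named above is registered, and prints the farm build version for comparison with Microsoft's published build numbers for these updates. It assumes Windows Installer records SharePoint MSP patches under the per-product Patches keys in HKLM\...\Installer\UserData\S-1-5-18\Products with a DisplayName containing the KB number, and that the Microsoft.SharePoint.PowerShell snap-in is available on the server; run it in an elevated session on each SharePoint server.

```powershell
# Added example, not the advisory's own code. Checks whether the SharePoint
# updates from the Remediation section are registered on this server.
# Assumption: Windows Installer registers MSP patches under the per-product
# "Patches" keys below, with a DisplayName that includes the KB number.

function Test-SharePointKbInstalled {
    param(
        [Parameter(Mandatory)][string[]] $KbIds   # e.g. 'KB5002873', 'KB5002880'
    )
    $root = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products'
    $found = @{}
    foreach ($kb in $KbIds) { $found[$kb] = $false }

    if (Test-Path $root) {
        foreach ($product in Get-ChildItem -Path $root -ErrorAction SilentlyContinue) {
            $patchesKey = Join-Path $product.PSPath 'Patches'
            if (-not (Test-Path $patchesKey)) { continue }
            foreach ($patch in Get-ChildItem -Path $patchesKey -ErrorAction SilentlyContinue) {
                $name = (Get-ItemProperty -Path $patch.PSPath -ErrorAction SilentlyContinue).DisplayName
                if (-not $name) { continue }
                foreach ($kb in $KbIds) {
                    # Match the KB identifier anywhere in the patch display name
                    if ($name -match [regex]::Escape($kb)) { $found[$kb] = $true }
                }
            }
        }
    }
    return $found
}

function Get-SharePointFarmBuild {
    # Assumption: the SharePoint management snap-in is present on this server.
    try {
        if (-not (Get-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue)) {
            Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction Stop
        }
        return (Get-SPFarm).BuildVersion.ToString()
    } catch {
        return "unavailable ($($_.Exception.Message))"
    }
}

$status = Test-SharePointKbInstalled -KbIds 'KB5002873', 'KB5002880'
foreach ($entry in $status.GetEnumerator()) {
    $state = if ($entry.Value) { 'installed' } else { 'NOT found' }
    '{0}: {1}' -f $entry.Key, $state
}
'Farm build version: {0}' -f (Get-SharePointFarmBuild)
```

Only one of the two KB numbers applies to any given farm (Subscription Edition or 2016), so a "NOT found" for the other edition's update is expected; treat the result as confirmation only when the update for the installed edition is reported and the farm build matches the build number Microsoft lists for that update.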
Exploitation status
Public Exploit Available: False
Analyst recommendation
Security teams must prioritize the deployment of the specified Microsoft patches. Given the potential for remote code execution, SharePoint administrators should ensure that all servers are updated and that access is strictly controlled to mitigate the risk of unauthorized code execution.