CVE-2026-58277
Microsoft · SharePoint Enterprise Server
Microsoft SharePoint contains an improper authorization vulnerability that allows an authenticated attacker to elevate their privileges over a network.
Executive summary
An improper authorization flaw in Microsoft SharePoint enables authenticated attackers to escalate privileges, potentially leading to full system compromise.
Vulnerability
This is an improper authorization vulnerability where an authenticated user with low privileges can perform actions or access data beyond their authorized scope. The vulnerability can be exploited over a network.
Business impact
The ability for an authenticated attacker to elevate privileges poses a severe risk to data confidentiality, integrity, and availability. With a CVSS score of 8.8, this vulnerability could allow an attacker to gain administrative control over SharePoint environments, facilitating the theft of sensitive corporate documents or the disruption of critical business workflows.
Remediation
Immediate Action: Apply the relevant security updates provided by Microsoft to reach the patched versions (16.0.5561.1001 for 2016 or 16.0.10417.20175 for 2019).
Proactive Monitoring: Monitor SharePoint audit logs for suspicious privilege escalation attempts or unauthorized access to sensitive site collections.
Compensating Controls: Implement strict access control lists and review user permissions to ensure the principle of least privilege is enforced until patches can be applied.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Privilege escalation vulnerabilities in enterprise infrastructure like SharePoint require immediate attention to prevent unauthorized lateral movement. Security teams should expedite the deployment of the latest security patches to all affected SharePoint instances to mitigate the risk of internal compromise.