How to Fix CVE-2022-35823- A Remote Code Execution Vulnerability in Microsoft SharePoint

With the onset of a Remote Code Execution vulnerability CVE-2022-35823, the integrity and confidentiality of businesses are at stake. Since this  recently shared vulnerability (on 09/13/2022), is classified as critical to the affected installations of Microsoft SharePoint, it is vital to know how to fix CVE-2022-35823, a Remote Code Execution vulnerability in Microsoft SharePoint. 

A remote authenticated attacker can run arbitrary code on the business products/system. This specially-crafted request can disclose all business information and content to the attacker.

Considering these serious effects of the attacks on business products, SharePoint published the possible way to fix this vulnerability. Applying/downloading security patches can reduce the severity of attacks and even eliminate the problem of CVE-2022-35823 exploit. 

This article will show you how to fix CVE-2022-35823, a Remote Code Execution vulnerability in Microsoft SharePoint.

A Short Note About Microsoft SharePoint

Microsoft Sharepoint is a web-based collaborative platform that allows users to share and manage documents, data, and information. It enables businesses to create websites and portals to share information and collaborate on projects. Sharepoint also provides enterprise content management capabilities, such as document management, records management, and search.

SharePoint is available in on-premises and cloud-based versions. The on-premises version is installed on a company’s own servers, while the cloud-based version is hosted by Microsoft.

SharePoint has been around since 2001 and is used by organizations of all sizes. It is estimated that there are over 190 million Sharepoint users worldwide.

Microsoft SharePoint is a versatile platform that can be used for a variety of purposes. Some common uses of Sharepoint include:

– Creating websites and portals

– Sharing documents and data

– Collaborating on projects

– Managing documents and records

– Searching for information

SharePoint provides many benefits to organizations, such as increased productivity, improved collaboration, and better information management. If you are looking for a way to improve your business operations, Sharepoint may be the right solution for you.

Summary of CVE-2022-35823:

This is a remote code execution vulnerability in SharePoint application. According to the research team, this flaw allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft SharePoint. A remote attacker requires authentication and should have access to create a page on the SharePoint to exploit the vulnerability and runs an arbitrary code on the affected installations.

The specific flaw exists within the handling of custom workflows. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the web service account.-ZDI

This Table Is Created in Evernote By the Author

Microsoft SharePoint Versions Affected by CVE-2022-35823 RCE Vulnerability

Below is the list of versions that are affected by CVE-2022-35823 Remote Code Execution Vulnerability in Microsoft SharePoint; 

This Table Is Created in Evernote By the Author

How to Fix CVE-2022-35823- A Remote Code Execution Vulnerability in Microsoft SharePoint?

Microsoft has released the security patches to fix the CVE-2022-35823 flaw. Please apply these patches from Microsoft’s security advisory.

Different Ways to install the Update on Windows:

Image source: Microsoft

You can download the security patches directly form here:

We hope this post would help you know how to fix CVE-2022-35823, a Remote Code Execution vulnerability in Microsoft SharePoint.. Please share this post if you find this interested. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium & Instagram, and subscribe to receive updates like this.