CISA Urges Immediate Patching of Exploited SharePoint Vulnerabilities

CISA Urges Immediate Patching of Exploited SharePoint Vulnerabilities
CISA urged immediate hardening of Microsoft SharePoint servers after multiple zero-day vulnerabilities were disclosed and several were confirmed as exploited in attacks. The agency warned that affected on-premises SharePoint versions face remote code execution, privilege escalation, and post-exploitation activity, including theft of IIS machine keys and malware deployment. #CVE-2026-56164 #CVE-2026-32201 #CVE-2026-45659 #CVE-2026-55040 #CVE-2026-58644 #Microsoft #SharePoint #CISA

Keypoints

  • CISA urged immediate patching of vulnerable Microsoft SharePoint servers.
  • CVE-2026-56164 is a remotely exploitable privilege escalation flaw added to the KEV catalog.
  • Microsoft also patched CVE-2026-55040 and CVE-2026-58644 in its July 2026 updates.
  • CISA highlighted previously exploited flaws, including CVE-2026-32201 and CVE-2026-45659.
  • Organizations should monitor for intrusions, rotate IIS machine keys, and restrict internet exposure.

Read More: https://www.securityweek.com/cisa-urges-immediate-patching-of-exploited-sharepoint-vulnerabilities/