Microsoft SharePoint Flaw Actively Exploited (CVE-2019-0604)

Question

Microsoft SharePoint Flaw Actively Exploited (CVE-2019-0604)A Microsoft SharePoint flaw patched back initially patched back in February has been under active exploitation since May.Kevin Beaumont, a security researcher, has cautioned organizations to patch the SharePoint flaw that’s been actively exploited, as he observed it being exploited against his own honeypots as recently as last month.&nbsp;CVE-2019-0604 is a remote code execution (RCE) vulnerability in Microsoft SharePoint due to improper input validation in checking the source markup of an application package. Successful exploitation of the vulnerability by an attacker would grant them arbitrary code execution “in the context of the SharePoint application pool and the SharePoint server farm account.”To learn more about the origins of the flaw and subsequent reports of its exploitation in the wild, please visit our blog.

anonymous · Answer

&nbsp;Thanks for sharing the information

Vulnerability Watch

Forum Discussion

Microsoft SharePoint Flaw Actively Exploited (CVE-2019-0604)

1 Reply

Recent Discussions

Frequently Asked Questions About Notepad++ Supply Chain Compromise

Ivanti Endpoint Manager Mobile Zero-Days Exploited (CVE-2026-1281, CVE-2026-1340)

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

Americas

Europe

Asia / Australia