• About Us
  • Privacy Policy
  • Disclaimer
  • Contact Us
AimactGrow
  • Home
  • Technology
  • AI
  • SEO
  • Coding
  • Gaming
  • Cybersecurity
  • Digital marketing
No Result
View All Result
  • Home
  • Technology
  • AI
  • SEO
  • Coding
  • Gaming
  • Cybersecurity
  • Digital marketing
No Result
View All Result
AimactGrow
No Result
View All Result

CISA Provides Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

Admin by Admin
July 17, 2026
Home Cybersecurity
Share on FacebookShare on Twitter


Ravie LakshmananJul 17, 2026Vulnerability / Enterprise Safety

The U.S. Cybersecurity and Infrastructure Safety Company (CISA) on Thursday added a newly patched safety flaw impacting Microsoft SharePoint Server to its Identified Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Government Department (FCEB) businesses to use the fixes by July 19, 2026.

The vulnerability in query is CVE-2026-58644 (CVSS rating: 9.8), a crucial deserialization of untrusted knowledge vulnerability that permits an unauthorized attacker to execute arbitrary code.

“In a network-based assault, an attacker authenticated as not less than a Website Proprietor, might write arbitrary code to inject and execute code remotely on the SharePoint Server,” Microsoft stated in an advisory launched earlier this week.

Redmond famous that the vulnerability is remotely exploitable over the web, warning that the assault complexity is low for 2 causes –

  • An attacker doesn’t require vital prior data of the system
  • An attacker can obtain repeatable success with the payload in opposition to the weak element

The vulnerability impacts the next variations –

  • Microsoft SharePoint Server Subscription Version
  • Microsoft SharePoint Server 2019
  • Microsoft SharePoint Enterprise Server 2016

Patches for the flaw have been launched as a part of the Patch Tuesday updates launched on July 14, 2026. Microsoft has since revised its bulletin to make clear that CVE-2026-58644 has been exploited within the wild, that means the shortcoming was weaponized as a zero-day previous to the fixes turning into out there.

The event comes as CISA warned of lively exploitation of a number of SharePoint Server vulnerabilities, together with  CVE-2026-32201, CVE-2026-45659, CVE-2026-56164, and CVE-2026-58644, that would allow risk actors to achieve unauthorized entry to on-premises cases.

“These vulnerabilities have an effect on all supported on-premises SharePoint Server variations (Subscription Version, 2019, and 2016) and contain establishing distant code execution (RCE) and post-exploitation actions, akin to stealing Web Info Providers (IIS) machine keys and performing deserialization strategies, to achieve persistence and deploy malware,” the federal cybersecurity watchdog famous.

CISA has outlined the next hardening measures to include the risk –

  • Apply the newest patches and safety updates from Microsoft, confirm they’ve been put in efficiently, and shorten patching cycles when doable.
  • Confirm that Antimalware Scan Interface (AMSI) integration is enabled for every SharePoint internet utility.
  • Scan for and take away intrusion artifacts, together with machine key harvesting instruments, earlier than rotating IIS machine keys to keep away from the theft of the keys.
  • Set up tailor-made logging mechanisms to detect and monitor exploitation actions.
  • Keep away from exposing SharePoint Servers on to the web until essential.
  • Block exterior entry to SharePoint Central Administration, limit farm and database communications to required techniques, and evaluate Microsoft’s SharePoint Server security-hardening steerage for role-specific ports, providers, and Net.config settings.

On Thursday, the company additionally added two crucial safety flaws impacting Fortinet FortiSandbox (CVE-2026-25089 and CVE-2026-39808) to the KEV catalog, following reviews of lively exploitation. Federal businesses have till July 19, 2026, to replace their cases to the newest supported variations.

Tags: addsCISACVE202658644ExploitedKEVRCESharePointZeroDay
Admin

Admin

Next Post
Castlevania: Belmont’s Curse Turns Robust Bosses Into Highly effective Pals

Castlevania: Belmont’s Curse Turns Robust Bosses Into Highly effective Pals

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

How Virtua Fighter Seems to Carry Innovation and Realism to the 3D Combating Style | Evo 2025

How Virtua Fighter Seems to Carry Innovation and Realism to the 3D Combating Style | Evo 2025

August 6, 2025
AI Girlfriend Chatbots With No Filter: 9 Unfiltered Digital Companions

AI Girlfriend Chatbots With No Filter: 9 Unfiltered Digital Companions

May 18, 2025

Trending.

Backrooms director Kane Parsons explains the birds, the portals, and his sensible results

Backrooms director Kane Parsons explains the birds, the portals, and his sensible results

May 31, 2026
100 Most Costly Key phrases for Google Advertisements in 2026

100 Most Costly Key phrases for Google Advertisements in 2026

January 13, 2026
Nsfw Chatgpt Options – Examples I’ve Used

Nsfw Chatgpt Options – Examples I’ve Used

October 13, 2025
ModeloRAT and Mistic Backdoor Exercise Linked to Ransomware Preliminary Entry Dealer

ModeloRAT and Mistic Backdoor Exercise Linked to Ransomware Preliminary Entry Dealer

June 24, 2026
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Acquire Root Entry

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Acquire Root Entry

June 25, 2026

AimactGrow

Welcome to AimactGrow, your ultimate source for all things technology! Our mission is to provide insightful, up-to-date content on the latest advancements in technology, coding, gaming, digital marketing, SEO, cybersecurity, and artificial intelligence (AI).

Categories

  • AI
  • Coding
  • Cybersecurity
  • Digital marketing
  • Gaming
  • SEO
  • Technology

Recent News

NVIDIA AI Releases Nemotron 3 Embed: An Open Embedding Assortment Whose 8B Checkpoint Ranks #1 on RTEB

NVIDIA AI Releases Nemotron 3 Embed: An Open Embedding Assortment Whose 8B Checkpoint Ranks #1 on RTEB

July 17, 2026
Castlevania: Belmont’s Curse Turns Robust Bosses Into Highly effective Pals

Castlevania: Belmont’s Curse Turns Robust Bosses Into Highly effective Pals

July 17, 2026
  • About Us
  • Privacy Policy
  • Disclaimer
  • Contact Us

© 2025 https://blog.aimactgrow.com/ - All Rights Reserved

No Result
View All Result
  • Home
  • Technology
  • AI
  • SEO
  • Coding
  • Gaming
  • Cybersecurity
  • Digital marketing

© 2025 https://blog.aimactgrow.com/ - All Rights Reserved