{"id":1097543,"date":"2024-01-12T05:03:28","date_gmt":"2024-01-12T07:03:28","guid":{"rendered":"https:\/\/teknomers.com\/fr\/agissez-maintenant-la-cisa-signale-une-exploitation-active-de-la-vulnerabilite-de-microsoft-sharepoint\/"},"modified":"2024-01-12T05:03:32","modified_gmt":"2024-01-12T07:03:32","slug":"agissez-maintenant-la-cisa-signale-une-exploitation-active-de-la-vulnerabilite-de-microsoft-sharepoint","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/agissez-maintenant-la-cisa-signale-une-exploitation-active-de-la-vulnerabilite-de-microsoft-sharepoint\/","title":{"rendered":"Agissez maintenant\u00a0: la CISA signale une exploitation active de la vuln\u00e9rabilit\u00e9 de Microsoft SharePoint"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">12 janvier 2024<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">R\u00e9daction<\/span><\/span><span class=\"p-tags\">Cyberattaque\/vuln\u00e9rabilit\u00e9<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a rel=\"nofollow\" href=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2024\/01\/Agissez-maintenant-la-CISA-signale-une-exploitation-active-de-la.jpg\" style=\"clear: left; display: block; float: left; text-align: center;\"><\/a><\/div>\n<p>L\u2019Agence am\u00e9ricaine de cybers\u00e9curit\u00e9 et de s\u00e9curit\u00e9 des infrastructures (CISA) a <a rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2024\/01\/10\/cisa-adds-one-known-exploited-vulnerability-catalog\" target=\"_blank\">ajout\u00e9e<\/a> une vuln\u00e9rabilit\u00e9 de s\u00e9curit\u00e9 critique affectant Microsoft SharePoint Server et ses vuln\u00e9rabilit\u00e9s exploit\u00e9es connues (<a rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\">KEV<\/a>), citant des preuves d&#8217;une exploitation active.<\/p>\n<p>Le probl\u00e8me, suivi comme <strong>CVE-2023-29357<\/strong> (score CVSS : 9,8), est une faille d&#8217;\u00e9l\u00e9vation de privil\u00e8ges qui pourrait \u00eatre exploit\u00e9e par un attaquant pour obtenir les privil\u00e8ges d&#8217;administrateur.  Microsoft a publi\u00e9 des correctifs pour le bogue dans le cadre de ses mises \u00e0 jour du Patch Tuesday de juin 2023.<\/p>\n<p>&#8220;Un attaquant qui a acc\u00e9d\u00e9 \u00e0 des jetons d&#8217;authentification JWT usurp\u00e9s peut les utiliser pour ex\u00e9cuter une attaque r\u00e9seau qui contourne l&#8217;authentification et lui permet d&#8217;acc\u00e9der aux privil\u00e8ges d&#8217;un utilisateur authentifi\u00e9&#8221;, a d\u00e9clar\u00e9 Redmond.  &#8220;L&#8217;attaquant n&#8217;a besoin d&#8217;aucun privil\u00e8ge et l&#8217;utilisateur n&#8217;a besoin d&#8217;effectuer aucune action.&#8221;<\/p>\n<p>Chercheur en s\u00e9curit\u00e9 Nguy\u1ec5n Ti\u1ebfn Giang (Jang) de StarLabs SG <a rel=\"nofollow noopener\" href=\"https:\/\/www.zerodayinitiative.com\/blog\/2023\/3\/22\/pwn2own-vancouver-2023-day-one-results#:~:text=the%20time%20allotted.-,SUCCESS,-%2D%20STAR%20Labs%20(\" target=\"_blank\">a d\u00e9montr\u00e9 un exploit<\/a> pour la faille du concours de piratage Pwn2Own de Vancouver, remportant un prix de 100 000 $.<\/p>\n<div class=\"check_two clear babsi\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/thn.news\/BHcgTukm\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"La cyber-s\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2024\/01\/1704092918_732_Nouveau-JinxLoader-ciblant-les-utilisateurs-avec-les-logiciels-malveillants-Formbook.jpg\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Le <a rel=\"nofollow noopener\" href=\"https:\/\/www.youtube.com\/watch?v=x0DPpVh8fO4\" target=\"_blank\">cha\u00eene d&#8217;ex\u00e9cution de code \u00e0 distance pr\u00e9-authentifi\u00e9e<\/a> combine le contournement d&#8217;authentification (CVE-2023\u201329357) avec un bug d&#8217;injection de code (<a rel=\"nofollow noopener\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-24955\" target=\"_blank\">CVE-2023-24955<\/a>score CVSS : 7,2), ce dernier ayant \u00e9t\u00e9 patch\u00e9 par Microsoft en mai 2023.<\/p>\n<p>&#8220;Le processus de d\u00e9couverte et de cr\u00e9ation de la cha\u00eene d&#8217;exploits a n\u00e9cessit\u00e9 pr\u00e8s d&#8217;un an d&#8217;efforts et de recherches m\u00e9ticuleux pour compl\u00e9ter la cha\u00eene d&#8217;exploits&#8221;, Ti\u1ebfn Giang <a rel=\"nofollow noopener\" href=\"https:\/\/starlabs.sg\/blog\/2023\/09-sharepoint-pre-auth-rce-chain\/\" target=\"_blank\">not\u00e9<\/a> dans un rapport technique publi\u00e9 en septembre 2023.<\/p>\n<p>Des d\u00e9tails suppl\u00e9mentaires sur l\u2019exploitation r\u00e9elle de CVE-2023-29357 et l\u2019identit\u00e9 des acteurs de la menace qui pourraient en abuser sont actuellement inconnus.  Cela dit, il est recommand\u00e9 aux agences f\u00e9d\u00e9rales d&#8217;appliquer les correctifs d&#8217;ici le 31 janvier 2024 pour se prot\u00e9ger contre la menace active.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant ?  Suivez-nous sur <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"nofollow noopener\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">LinkedIn<\/a> pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2024\/01\/act-now-cisa-flags-active-exploitation.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80212 janvier 2024\ue804R\u00e9dactionCyberattaque\/vuln\u00e9rabilit\u00e9 L\u2019Agence am\u00e9ricaine de cybers\u00e9curit\u00e9 et de s\u00e9curit\u00e9 des infrastructures (CISA) a ajout\u00e9e une vuln\u00e9rabilit\u00e9 de s\u00e9curit\u00e9 critique affectant Microsoft SharePoint Server et ses vuln\u00e9rabilit\u00e9s exploit\u00e9es connues (KEV), citant des preuves d&#8217;une exploitation active. Le probl\u00e8me, suivi comme CVE-2023-29357 (score CVSS : 9,8), est une faille d&#8217;\u00e9l\u00e9vation de privil\u00e8ges qui pourrait \u00eatre exploit\u00e9e [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1097544,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[9261,200292,20565,4805,4168,4165,4161,200267,7929,4159,4171,200271,617,8362,200268,200269,200270,128318,4172,4169,224068,5520,196,4166,3667,4164],"class_list":["post-1097543","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-active","tag-actualites-sur-la-cybersecurite","tag-agissez","tag-cisa","tag-comment-pirater","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-cyberactualites","tag-exploitation","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-logiciel-malveillant-rancongiciel","tag-maintenant","tag-microsoft","tag-mises-a-jour-sur-la-cybersecurite","tag-nouvelles-des-pirates","tag-nouvelles-sur-le-piratage","tag-securite-des-informations","tag-securite-informatique","tag-securite-internet","tag-sharepoint","tag-signale","tag-une","tag-violation-de-donnees","tag-vulnerabilite","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1097543","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=1097543"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1097543\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/1097544"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=1097543"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=1097543"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=1097543"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}