Hackers are already attacking this Microsoft SharePoint vulnerability, so patch now

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new Microsoft Sharepoint Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, indicating that hackers have begun exploiting it in the wild.

The vulnerability is tracked as CVE-2023-24955 and has a severity score of 7.2. It is described as a critical Remote Code Execution (RCE) flaw, which could allow an authenticated threat actor, with site owner privileges, to execute arbitrary code on the vulnerable endpoints.