=====================================================================

                            CERT-Renater

                Information Note No. 2026/VULN546
_____________________________________________________________________

DATE                : 27/05/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Microsoft SharePoint Server,
                     Microsoft SharePoint Enterprise Server,
                     Microsoft SharePoint Server Subscription Edition.

=====================================================================
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659
_____________________________________________________________________

Microsoft SharePoint Remote Code Execution Vulnerability

CVE-2026-45659
Security Vulnerability

Released: May 21, 2026
Last updated: May 26, 2026

Assigning CNA    Microsoft
CVE.org link     CVE-2026-45659
Impact           Remote Code Execution
Max Severity     Important
Weakness         CWE-502: Deserialization of Untrusted Data
CVSS Source      Microsoft
Vector String    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Metrics          CVSS:3.1 8.8 / 7.7


Metric             Value
Base Score metrics
Attack Vector              Network
Attack Complexity          Low
Privileges Required        Low
User Interaction           None
Scope                      Unchanged
Confidentiality            High
Integrity                  High
Availability               High

Temporal score metrics
Exploit Code Maturity      Unproven
Remediation Level          Official Fix
Report Confidence          Confirmed

Please see Common Vulnerability Scoring System for more
information on the definition of these metrics.


Executive Summary

Deserialization of untrusted data in Microsoft Office SharePoint
allows an authorized attacker to execute code over a network.


Exploitability

The following table provides an exploitability assessment for this
vulnerability at the time of original publication.

Publicly disclosed
    No
Exploited
    No
Exploitability assessment
    Exploitation Less Likely


FAQ
_____________________________________________________________________
I am running SharePoint Server 2016. Do the updates for SharePoint
Enterprise Server 2016 also apply to the version I am running?

Yes. The same KB number applies to both SharePoint Server 2016 and
SharePoint Enterprise Server 2016. Customers running either version
should install the security update to be protected from this
vulnerability.

According to the CVSS metric, privileges required is low (PR:L). What
does that mean for this vulnerability?

Any authenticated attacker could trigger this vulnerability. It does
not require admin or other elevated privileges.


How could an attacker exploit the vulnerability?

In a network-based attack, an authenticated attacker, who has a
minimum of Site Member permissions (PR:L), could execute code
remotely on the SharePoint Server.

According to the CVSS metric, the attack vector is network (AV:N) and
the attack complexity is low (AC:L). What does that mean for this
vulnerability?

The attack vector is Network (AV:N) because this vulnerability is
remotely exploitable and can be exploited from the internet. The
attack complexity is Low (AC:L) because an attacker does not require
significant prior knowledge of the system and can achieve repeatable
success with the payload against the vulnerable component.


Acknowledgements

    MEOW

Microsoft recognizes the efforts of those in the security community
who help us protect customers through coordinated vulnerability
disclosure. See Acknowledgements for more information.


Security Updates

To determine the support lifecycle for your software, see the
Microsoft Support Lifecycle.


Microsoft SharePoint Server Subscription Edition
    Release date     May 21, 2026
    Platform         -
    Impact           Remote Code Execution
    Max Severity     Important
    Article          5002863
    Download         Security Update
    Build number     16.0.19725.20280
    Assigning CNA    Microsoft

Microsoft SharePoint Server 2019
    Release date     May 21, 2026
    Platform         -
    Impact           Remote Code Execution
    Max Severity     Important
    Article          5002870
    Download         Security Update
    Build number     16.0.10417.20128
    Assigning CNA    Microsoft

Microsoft SharePoint Enterprise Server 2016
    Release date     May 21, 2026
    Platform         -
    Impact           Remote Code Execution
    Max Severity     Important
    Article          5002868
    Download         Security Update
    Build number     16.0.5552.1002
    Assigning CNA    Microsoft




Disclaimer
The information provided in the Microsoft Knowledge Base is provided
"as is" without warranty of any kind. Microsoft disclaims all
warranties, either express or implied, including the warranties of
merchantability and fitness for a particular purpose. In no event
shall Microsoft Corporation or its suppliers be liable for any damages
whatsoever including direct, indirect, incidental, consequential,
loss of business profits or special damages, even if Microsoft
Corporation or its suppliers have been advised of the possibility of
such damages. Some states do not allow the exclusion or limitation
of liability for consequential or incidental damages so the foregoing
limitation may not apply.


Revisions

1.1              May 26, 2026
Information published. This CVE was addressed by updates that were
released in May 2026, but the CVE was inadvertently omitted from the
May 2026 Security Updates. This is an informational change only.
Customers who have already installed the May 2026 updates do not need
to take any further action.

1.0              May 21, 2026
Information published.

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================




