securityonline.info 7/7/2026, 6:33:05 PM · external

Critical SharePoint Flaw Lets Low Privilege Users Run Remote Code

Critical SharePoint Flaw Lets Low Privilege Users Run Remote Code
CyberSIXT Evidence Panel
Primary Source msrc.microsoft.com
CVE Intel
CISA KEV Not in KEV
Patch Patch Available

CVE- 2026-33112 is a high-risk vulnerability (CVSS 8.8) in Microsoft SharePoint Enterprise Server 2016, allowing low-privilege users to execute remote code. No confirmed exploitation has been observed. Microsoft issued patches in May 2026, and users are advised to update to versions 16.0.5552.1002, 16.0.10417.20128, or 16.0.19725.20280. The flaw exploits external XSD schema imports to bypass security checks, which can lead to unauthorized server access. While SharePoint Online does not require actions, on-premises installations must promptly apply the update to prevent potential attacks.

View Primary Source Via securityonline.info

Article by CyberSIXT