Is CVE-2020-1024 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Sharepoint Enterprise Server

CVE-2020-1024

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from C…

EPSS: 0.207 (95.7th percentile) — read the EPSS interpretation.

Affected products

Microsoft Sharepoint Enterprise Server — versions 2016
Microsoft Sharepoint Foundation — versions 2013 Service Pack 1
Microsoft Sharepoint Server — versions 2019

Public proof-of-concept exploits

0xT11/CVE-POC
ARPSyndicate/cvemon
developer3000S/PoC-in-GitHub
hectorgie/PoC-in-GitHub
nomi-sec/PoC-in-GitHub
soosmile/POC

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1024 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-1024?: CVE-2020-1024 is a vulnerability in Microsoft Sharepoint Enterprise Server. Published 2020-05-21.
Is CVE-2020-1024 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.