CVE-2021-26420

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server (affected versions not specified) Microsoft SharePoint Foundation (affected versions not specified) Microsoft SharePoint Enterprise Server (affected versions not specified)

Description The vulnerability is related to a buffer overflow in memory, allowing remote attackers to execute arbitrary code. This issue can be exploited by an attacker to gain remote code execution capabilities. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations For Microsoft SharePoint Server, consider restricting access to the WorkflowCompilerInternal function as a temporary workaround until a patch is available. For Microsoft SharePoint Foundation, restrict access to potentially vulnerable modules to minimize the risk of exploitation. For Microsoft SharePoint Enterprise Server, avoid using exposed dangerous functions in the WorkflowCompilerInternal until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.