CVE-2021-41344

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server (affected versions not specified) SharePoint Foundation (affected versions not specified) SharePoint Enterprise Server (affected versions not specified)

Description The issue is related to incorrect code generation management in Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server. It allows a remote attacker to execute arbitrary code. The vulnerability involves deserialization of untrusted data, which can be exploited to achieve remote code execution.

Recommendations For Microsoft SharePoint Server, consider disabling the deserialization of untrusted data until a patch is available. For SharePoint Foundation, restrict access to untrusted data to minimize the risk of exploitation. For SharePoint Enterprise Server, avoid using untrusted input in workflow deserialization until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.