CVE-2022-35823

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server (affected versions not specified) Microsoft SharePoint Foundation (affected versions not specified) Microsoft SharePoint Enterprise Server (affected versions not specified)

Description The issue is related to the deserialization of untrusted data, allowing remote attackers to execute arbitrary code and affect the system. This can be exploited by an attacker to run malicious code remotely.

Recommendations For Microsoft SharePoint Server, apply the necessary security updates to fix the deserialization of untrusted data issue. For Microsoft SharePoint Foundation, restrict access to untrusted data until a patch is available. For Microsoft SharePoint Enterprise Server, consider disabling the workflow deserialization feature as a temporary workaround until a fix is released. As a general mitigation measure, restrict access to the system and ensure that only trusted data is processed to minimize the risk of exploitation.