Microsoft SharePoint Server Elevation of Privilege Vulnerability
Summary
Microsoft SharePoint Server Elevation of Privilege Vulnerability Affected products named by the advisory: Microsoft SharePoint Enterprise Server 2016; Microsoft SharePoint Server 2019; Microsoft SharePoint Server Subscription Edition.
CISA Known Exploited Vulnerability
- Listed:
- Jul 14, 2026 · federal remediation due Jul 17, 2026
- Required action:
- Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Ransomware use:
- Unknown
KEV is a prioritization signal from CISA — remediation detail still comes from the vendor advisory.
- Microsoft SharePoint Enterprise Server 2016 16.0.0
- Microsoft SharePoint Server 2019 16.0.0
- Microsoft SharePoint Server Subscription Edition 16.0.0
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
- KB5002891 (build 16.0.5561.1001)
- KB5002883 (build 16.0.10417.20175)
- KB5002882 (build 16.0.19725.20434)
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Mitigation checklist
- Install the applicable security update for your platform: KB5002891, KB5002883, KB5002882 (see the Microsoft Update Catalog).
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.