Microsoft has alerted users about a serious zero-day vulnerability, CVE-2025-53770, affecting SharePoint Server versions. This flaw, rated 9.8 on the CVSS scale, allows unauthorized code execution through deserialization of untrusted data. Active exploits are targeting on-premises customers. A patch has been issued only for SharePoint Server Subscription Edition, while vulnerabilities in SharePoint Enterprise Server 2016 and SharePoint Server 2019 remain unaddressed. CISA recommends specific monitoring practices for impacted users while Microsoft advises enabling Windows Antimalware Scan Interface and maintaining robust antivirus systems.
Microsoft has acknowledged a zero-day vulnerability, CVE-2025-53770, in multiple versions of SharePoint Server that allows unauthorized code execution, with active attacks reported.
The vulnerability CVE-2025-53770 carries a high severity score of 9.8 on the CVSS scale and is linked to untrusted data deserialization.
CISA advises monitoring specific IP addresses and suspicious processes related to SharePoint Server to counteract active exploitation of the vulnerability.
Microsoft has provided a patch for SharePoint Server Subscription Edition but is still working on addressing vulnerabilities in earlier versions.
Collection
[
|
...
]