Microsoft's new SharePoint vulnerability - everything you need to know
Briefly

A newly discovered vulnerability in on-premises SharePoint servers is being exploited by hackers, allowing unauthorized access through remote code execution. Designated CVE-2025-53770, this vulnerability grants attackers access to SharePoint contents, including file systems and configurations. Microsoft has urged administrators to apply updates for SharePoint Server Subscription Edition and SharePoint Server 2019. There is currently no update for SharePoint 2016, but development is underway. Suggested mitigation measures include deploying antivirus solutions and utilizing Microsoft Defender for Endpoint protection.
Hackers are actively exploiting a newly discovered vulnerability in on-premises SharePoint servers, which allows unauthorized access to organizations' infrastructure via remote code execution.
The vulnerability, designated CVE-2025-53770, lets attackers access SharePoint content, internal configurations, and file systems, and execute code over the network.
Microsoft advises SharePoint administrators to immediately apply the updates for SharePoint Server Subscription Edition and SharePoint Server 2019 that were released in July 2025.
While a specific update for SharePoint 2016 is not yet available, Microsoft is working on it. SharePoint Online in Microsoft 365 is not affected.
Read at IT Pro