Microsoft Confirms Critical Zero-Day Vulnerabilities in SharePoint
A serious security issue has emerged with Microsoft’s SharePoint Server: two critical zero-day vulnerabilities, identified as CVE-2025-53770 and CVE-2025-53771. They pose significant risks, allowing threat actors to execute code remotely without authentication, making it imperative for organizations to address the situation promptly.
The first vulnerability, CVE-2025-53770, has been classified as a critical Remote Code Execution (RCE) issue, receiving a CVSS score of 9.8. This flaw arises from the deserialization of untrusted data, specifically within the __VIEWSTATE field, allowing for remote exploitation without any user interaction. According to Microsoft, active exploitation of this vulnerability has been confirmed, marking it as a high-priority concern for all affected entities.
CVE-2025-53771, the second vulnerability, is also a serious issue, with a CVSS score of 7.1. It stems from improper input validation, which enables the placement of a web shell in a web-accessible folder on the SharePoint server. Like its counterpart, CVE-2025-53771 can be exploited remotely without user interaction and has also been observed in real-world attacks.
Details on Vulnerability Exploitation
Ronen Ahdut, Head of CyOps MDR at Cynet Security, provided additional insights into how these vulnerabilities function. He noted, “CVE-2025-53770 is a critical, unauthenticated vulnerability with low complexity and high impact, enabling remote code execution in on-premises Microsoft SharePoint Server.” This vulnerability has been actively utilized in attacks, indicating an urgent need for remediation.
Ahdut emphasized that threat actors are leveraging both vulnerabilities in tandem. By exploiting CVE-2025-53771, they can obtain complementary information that strengthens their exploitation of CVE-2025-53770. The ongoing exploitation of these vulnerabilities highlights the critical nature of the threat landscape surrounding Microsoft SharePoint.
Recommended Mitigation Strategies
In light of these security risks, Ahdut outlined several steps organizations should take to mitigate potential impacts. He advised monitoring Microsoft’s Update Guide for ongoing patches, particularly for SharePoint 2016, and applying the July 2025 Security Updates for all supported on-premises SharePoint versions immediately.
Furthermore, enabling AMSI (Antimalware Scan Interface) integration with Microsoft Defender across all SharePoint servers is recommended to block exploit paths and facilitate active detection of threats. If enabling AMSI is not feasible, organizations should consider disconnecting SharePoint servers from the internet to prevent potential exploitation.
It is important to note that Microsoft 365 SharePoint Online is not affected by these vulnerabilities, which provides some relief for users of the cloud-based service.
As organizations assess their security postures, the rapid exploitation of CVE-2025-53770 and CVE-2025-53771 serves as a stark reminder of the ever-evolving nature of cyber threats. Immediate action is critical to safeguard sensitive data and maintain operational integrity within affected systems.
