World
Microsoft Confirms Critical Zero-Day Vulnerabilities in SharePoint
A serious security issue has emerged with Microsoft’s SharePoint Server, revealing two critical zero-day vulnerabilities, identified as CVE-2025-53770 and CVE-2025-53771. These vulnerabilities pose significant risks, allowing threat actors to execute remote code without authentication, making it imperative for organizations to address the situation promptly.
The first vulnerability, CVE-2025-53770, has been classified as a critical Remote Code Execution (RCE) issue, receiving a CVSS score of 9.8. This flaw arises from the deserialization of untrusted data, specifically within the __VIEWSTATE field, allowing for remote exploitation without any user interaction. According to Microsoft, active exploitation of this vulnerability has been confirmed, marking it as a high-priority concern for all affected entities.
CVE-2025-53771, the second vulnerability, is also a serious issue classified with a CVSS score of 7.1. This vulnerability is characterized by improper input validation, enabling the placement of a web shell in a web-accessible folder on the SharePoint server. Like its counterpart, CVE-2025-53771 can be exploited remotely without user interaction and has also been observed in real-world attacks.
Details on Vulnerability Exploitation
Ronen Ahdut, Head of CyOps MDR at Cynet Security, provided additional insights into how these vulnerabilities function. He noted, “CVE-2025-53770 is a critical, unauthenticated vulnerability with low complexity and high impact, enabling remote code execution in on-premises Microsoft SharePoint Server.” This vulnerability has been actively utilized in attacks, indicating an urgent need for remediation.
Ahdut emphasized that threat actors are leveraging both vulnerabilities in tandem. By exploiting CVE-2025-53771, they can obtain complementary information to enhance their attack methods on CVE-2025-53770. The ongoing exploitation of these vulnerabilities highlights the critical nature of the threat landscape surrounding Microsoft SharePoint.
Recommended Mitigation Strategies
In light of these security risks, Ahdut outlined several steps organizations should take to mitigate potential impacts. He advised monitoring Microsoft’s Update Guide for ongoing patches, particularly for SharePoint 2016, and applying the July 2025 Security Updates for all supported on-premises SharePoint versions immediately.
Furthermore, enabling AMSI (Antimalware Scan Interface) integration with Microsoft Defender across all SharePoint servers is recommended to block exploit paths and facilitate active detection of threats. If enabling AMSI is not feasible, organizations should consider disconnecting SharePoint servers from the internet to prevent potential exploitation.
It is important to note that Microsoft 365 SharePoint Online is not affected by these vulnerabilities, which provides some relief for users of the cloud-based service.
As organizations assess their security postures, the rapid exploitation of CVE-2025-53770 and CVE-2025-53771 serves as a stark reminder of the ever-evolving nature of cyber threats. Immediate action is critical to safeguard sensitive data and maintain operational integrity within affected systems.
Urgent Police Response Resolved in North Bay Apartment Incident
St. Charles Scarecrow Weekend Seeks Volunteers for 40th Celebration
Oak Bay Students Showcase Coming-of-Age Stories in 2025-26 Season
New Research Confirms Age-Old Adage: Enemy of My Enemy Is My Friend
Veteran Journalist Beverly Thomson Passes Away at 61 After Cancer Battle
New Federal Housing Agency Aims to Tackle Crisis in Canada
Bears Crushed 52-21 in Ben Johnson’s Return to Detroit
Oswego Police Issue 59 Seat Belt Citations Over Labor Day Weekend
Thousands Unite in Waterloo for Terry Fox Run, Raising $162K
Scientists Unearth Ancient Antarctic Ice to Unlock Climate Secrets
Trump and McCormick to Announce $70 Billion Energy Investments
TransLink Launches Food Truck Program to Boost Revenue in Vancouver
Four Astronauts Return to Earth After International Space Station Mission
Apple Notes Enhances Functionality with Markdown Support in macOS 26
Search Underway for Missing Hunter Amid Hokkaido Bear Emergency
Ukrainian Tennis Star Elina Svitolina Faces Death Threats Online
Frosthaven Launches Early Access on July 31, 2025
Carney Engages First Nations Leaders at Development Law Summit
-
World2 months agoScientists Unearth Ancient Antarctic Ice to Unlock Climate Secrets
-
Entertainment2 months agoTrump and McCormick to Announce $70 Billion Energy Investments
-
Lifestyle2 months agoTransLink Launches Food Truck Program to Boost Revenue in Vancouver
-
Science2 months agoFour Astronauts Return to Earth After International Space Station Mission
-
Technology2 weeks agoApple Notes Enhances Functionality with Markdown Support in macOS 26
-
Sports2 months agoSearch Underway for Missing Hunter Amid Hokkaido Bear Emergency
-
Politics1 month agoUkrainian Tennis Star Elina Svitolina Faces Death Threats Online
-
Technology2 months agoFrosthaven Launches Early Access on July 31, 2025
-
Politics2 months agoCarney Engages First Nations Leaders at Development Law Summit
-
Entertainment2 months agoCalgary Theatre Troupe Revives Magic at Winnipeg Fringe Festival
-
Entertainment1 month agoLeon Draisaitl Marries Celeste Desjardins in Lavish Ceremony
-
Entertainment2 months agoBINI Secures Five Nominations at 2025 Jupiter Music Awards