Microsoft Confirms Critical Zero-Day Vulnerabilities in SharePoint
A serious security issue has emerged with Microsoft’s SharePoint Server, revealing two critical zero-day vulnerabilities, identified as CVE-2025-53770 and CVE-2025-53771. These vulnerabilities pose significant risks, allowing threat actors to execute remote code without authentication, making it imperative for organizations to address the situation promptly.
The first vulnerability, CVE-2025-53770, has been classified as a critical Remote Code Execution (RCE) issue, receiving a CVSS score of 9.8. This flaw arises from the deserialization of untrusted data, specifically within the __VIEWSTATE field, allowing for remote exploitation without any user interaction. According to Microsoft, active exploitation of this vulnerability has been confirmed, marking it as a high-priority concern for all affected entities.
CVE-2025-53771, the second vulnerability, is also a serious issue classified with a CVSS score of 7.1. This vulnerability is characterized by improper input validation, enabling the placement of a web shell in a web-accessible folder on the SharePoint server. Like its counterpart, CVE-2025-53771 can be exploited remotely without user interaction and has also been observed in real-world attacks.
Details on Vulnerability Exploitation
Ronen Ahdut, Head of CyOps MDR at Cynet Security, provided additional insights into how these vulnerabilities function. He noted, “CVE-2025-53770 is a critical, unauthenticated vulnerability with low complexity and high impact, enabling remote code execution in on-premises Microsoft SharePoint Server.” This vulnerability has been actively utilized in attacks, indicating an urgent need for remediation.
Ahdut emphasized that threat actors are leveraging both vulnerabilities in tandem. By exploiting CVE-2025-53771, they can obtain complementary information that strengthens their exploitation of CVE-2025-53770. The ongoing exploitation of both vulnerabilities underscores how serious the threat to Microsoft SharePoint is.
Recommended Mitigation Strategies
In light of these security risks, Ahdut outlined several steps organizations should take to mitigate potential impacts. He advised monitoring Microsoft’s Update Guide for ongoing patches, particularly for SharePoint 2016, and applying the July 2025 Security Updates for all supported on-premises SharePoint versions immediately.
Furthermore, enabling AMSI (Antimalware Scan Interface) integration with Microsoft Defender across all SharePoint servers is recommended to block exploit paths and facilitate active detection of threats. If enabling AMSI is not feasible, organizations should consider disconnecting SharePoint servers from the internet to prevent potential exploitation.
It is important to note that Microsoft 365 SharePoint Online is not affected by these vulnerabilities, which provides some relief for users of the cloud-based service.
As organizations assess their security postures, the rapid exploitation of CVE-2025-53770 and CVE-2025-53771 serves as a stark reminder of the ever-evolving nature of cyber threats. Immediate action is critical to safeguard sensitive data and maintain operational integrity within affected systems.
