CVE-2025-53770

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://arstechnica.com/security/2025/07/sharepoint-vulnerability-with-9-8-severity-rating-is-under-exploit-across-the-globe/", "name": "https://arstechnica.com/security/2025/07/sharepoint-vulnerability-with-9-8-severity-rating-is-under-exploit-across-the-globe/", "tags": ["Exploit", "Press/Media Coverage"], "refsource": ""}, {"url": "https://github.com/kaizensecurity/CVE-2025-53770", "name": "https://github.com/kaizensecurity/CVE-2025-53770", "tags": ["Exploit"], "refsource": ""}, {"url": "https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/", "name": "https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/", "tags": ["Mitigation", "Vendor Advisory"], "refsource": ""}, {"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770", "name": "Microsoft SharePoint Server Remote Code Execution Vulnerability", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://news.ycombinator.com/item?id=44629710", "name": "https://news.ycombinator.com/item?id=44629710", "tags": ["Issue Tracking"], "refsource": ""}, {"url": "https://research.eye.security/sharepoint-under-siege/", "name": "https://research.eye.security/sharepoint-under-siege/", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "refsource": ""}, {"url": "https://therecord.media/microsoft-sharepoint-zero-day-vulnerability-exploited-globally", "name": "https://therecord.media/microsoft-sharepoint-zero-day-vulnerability-exploited-globally", "tags": ["Press/Media Coverage"], "refsource": ""}, {"url": "https://www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/", "name": "https://www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/", "tags": ["Press/Media Coverage"], "refsource": ""}, {"url": "https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770", "name": "https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770", "tags": ["Mailing List", "Third Party Advisory", "US Government Resource"], "refsource": ""}, {"url": "https://www.darkreading.com/remote-workforce/microsoft-rushes-emergency-fix-exploited-sharepoint-toolshell-flaw", "name": "https://www.darkreading.com/remote-workforce/microsoft-rushes-emergency-fix-exploited-sharepoint-toolshell-flaw", "tags": ["Press/Media Coverage"], "refsource": ""}, {"url": "https://www.forbes.com/sites/daveywinder/2025/07/20/microsoft-confirms-ongoing-mass-sharepoint-attack---no-patch-available/", "name": "https://www.forbes.com/sites/daveywinder/2025/07/20/microsoft-confirms-ongoing-mass-sharepoint-attack---no-patch-available/", "tags": ["Press/Media Coverage"], "refsource": ""}, {"url": "https://x.com/Shadowserver/status/1946900837306868163", "name": "https://x.com/Shadowserver/status/1946900837306868163", "tags": ["Third Party Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network.\nMicrosoft is aware that an exploit for CVE-2025-53770 exists in the wild.\nMicrosoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-53770", "ASSIGNER": "secure@microsoft.com"}}, "impact": {}, "publishedDate": "2025-07-20T01:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "16.0.18526.20508"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-30T01:00Z"}