Customer guidance for SharePoint vulnerability CVE-2025-53770

July 19, 2025 invoker category_news

Security Update News

Update Information

Title Customer guidance for SharePoint vulnerability CVE-2025-53770
Update ID MSRC:7D176F117D9E9328035319E83C50F4D6
Type msrc
Published 2025-07-19T07:00:00
Last Updated 2025-07-19T07:00:00

Security Impact

CVSS Score 9.8
Severity CRITICAL

Affected CVEs

  • CVE-2025-49706
  • CVE-2025-53770

Update Details

Summary Microsoft is aware of active attacks targeting on-premises SharePoint Server customers. The attacks are exploiting a variant of CVE-2025-49706. This vulnerability has been assigned CVE-2025-53770. SharePoint Online in Microsoft 365 is not impacted. A patch is currently not available for this vulnerability. Mitigations and detections are provided below.

View Advisory Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.