Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

July 22, 2025 invoker category_news

Security Update News

Update Information

Title Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
Update ID THN:C6690DBDD7C7BF960335810907C2583F
Type thn
Published 2025-07-22T07:59:00
Last Updated 2025-07-22T08:26:19

Security Impact

CVSS Score 9.8
Severity CRITICAL

AI Analysis

AI Description A critical zero-day vulnerability in Microsoft SharePoint Server is being actively exploited to steal cryptographic keys and maintain persistent access. This vulnerability allows attackers to execute remote code and escalate privileges, putting sensitive organizational data at risk.
AI Severity Critical
AI Vendor Microsoft
AI Product Microsoft SharePoint Server
AI Version CVE-2025-53770, CVE-2025-49704

Affected CVEs

  • CVE-2025-4427
  • CVE-2025-4428
  • CVE-2025-49704
  • CVE-2025-49706
  • CVE-2025-53770
  • CVE-2025-53771

Update Details

View Advisory Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.