Russian Vulnerability Scanner Database

Back to List

CVE-2025-53770

Scores

EPSS

0.883high88.3%
0%20%40%60%80%100%

Percentile: 88.3%

CVSS

9.8critical3.x
0246810

CVSS Score: 9.8/10

All CVSS Scores

CVSS 3.x
9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network.
Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild.
Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

msrcnvd

CWEs

502CWE-502

Related Vulnerabilities

BDU:2025-08714

Exploits

Exploit ID: CVE-2025-53770

Source: cisa

URL: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Exploit ID: 52405

Source: exploitdb

URL: https://www.exploit-db.com/exploits/52405

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770
https://arstechnica.com/security/2025/07/sharepoint-vulnerability-with-9-8-severity-rating-is-under-exploit-across-the-globe/
https://github.com/kaizensecurity/CVE-2025-53770
https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/
https://news.ycombinator.com/item?id=44629710
https://research.eye.security/sharepoint-under-siege/
https://therecord.media/microsoft-sharepoint-zero-day-vulnerability-exploited-globally
https://www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/
https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770
https://www.darkreading.com/remote-workforce/microsoft-rushes-emergency-fix-exploited-sharepoint-toolshell-flaw
https://www.forbes.com/sites/daveywinder/2025/07/20/microsoft-confirms-ongoing-mass-sharepoint-attack---no-patch-available/
https://x.com/Shadowserver/status/1946900837306868163
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-53770

Vulnerable Software (49)

Type: Configuration

Vendor: *

Product: sharepoint_server

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*",      "versionEndExcluding": "16.0.18526.20508",      "vulnerable": true    },    {  ...

Source: nvd

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.18526.20508

Operating System: Windows 18526 build 20508

Identifier: KB5002768

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.19127.20338

Operating System: Windows 19127 build 20338

Identifier: KB5002800

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.18526.20518

Operating System: Windows 18526 build 20518

Identifier: KB5002773

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.19725.20210

Operating System: Windows 19725 build 20210

Identifier: KB5002853

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.19127.20378

Operating System: Windows 19127 build 20378

Identifier: KB5002815

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.19127.20100

Operating System: Windows 19127 build 20100

Identifier: KB5002784

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.19127.20442

Operating System: Windows 19127 build 20442

Identifier: KB5002822

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.19725.20076

Operating System: Windows 19725 build 20076

Identifier: KB5002843

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.19127.20518

Operating System: Windows 19127 build 20518

Identifier: KB5002833

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.19127.20262

Operating System: Windows 19127 build 20262

Identifier: KB5002786

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.10417.20037

Operating System: Windows 10417 build 20037

Identifier: KB5002754

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.10417.20037

Operating System: Windows 10417 build 20037

Identifier: KB5002753

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.10417.20114

Operating System: Windows 10417 build 20114

Identifier: KB5002854

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.10417.20068

Operating System: Windows 10417 build 20068

Identifier: KB5002803

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.10417.20047

Operating System: Windows 10417 build 20047

Identifier: KB5002774

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.10417.20097

Operating System: Windows 10417 build 20097

Identifier: KB5002836

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.10417.20114

Operating System: Windows 10417 build 20114

Identifier: KB5002856

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.10417.20075

Operating System: Windows 10417 build 20075

Identifier: KB5002802

Source: msrc

Type: Windows KB

Vendor: Microsoft

Product: Windows

Version: 16.0.10417.20041

Operating System: Windows 10417 build 20041

Identifier: KB5002769

Source: msrc