- A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, is being actively exploited, impacting at least 85 servers globally.
- The vulnerability allows remote code execution via deserialization of untrusted data, with a CVSS score of 9.8, indicating severe risk.
- No patch is currently available for CVE-2025-53770; however, Microsoft is preparing an update to resolve the issue.
- Organizations using on-premises SharePoint servers must initiate immediate threat hunting and monitoring for signs of compromise.
- This zero-day is a variant of previously patched vulnerabilities (CVE-2025-49706 and CVE-2025-49704), highlighting the need for continuous security assessments.
A critical zero-day vulnerability in Microsoft SharePoint, identified as CVE-2025-53770, is currently being exploited in the wild, affecting at least 85 organizations worldwide. This flaw enables remote code execution through deserialization of untrusted data, posing a significant risk to on-premises SharePoint servers. With no patch available yet, Microsoft is working on a resolution. Security teams must immediately conduct threat hunting and monitor for signs of compromise, as well as review security configurations and access controls. Continuous vigilance is essential, especially given the vulnerability's connection to previously patched issues.