CVE-2025-53770
Published Jul 20, 2025
Last updated 5 months ago
- Description
- Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation.
- Source
- secure@microsoft.com
- NVD status
- Modified
- Products
- sharepoint_server
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
- Exploit added on
- Jul 20, 2025
- Exploit action due
- Jul 21, 2025
- Required action
- Disconnect public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS) to include SharePoint Server 2013 and earlier versions. For supported versions, please follow the mitigations according to CISA (URL listed below in Notes) and vendor instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- secure@microsoft.com
- CWE-502
- Hype score
- Not currently trending
【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abnlK5 #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
16 Mar 2026
29 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abmNUx #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
14 Mar 2026
166 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abmNUx #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
11 Mar 2026
129 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
TRC analysis shows attackers exploited CVE-2025-53770 to execute code on SharePoint servers, then extracted machine keys to forge authentication tokens. This enabled lateral movement across networks to deploy ransomware. Runtime segmentation helps contain such post-compromise
@aviatrixtrc
10 Mar 2026
114 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abnlK5 #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
5 Mar 2026
89 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abnlK5 #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
3 Mar 2026
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abmNUx #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
2 Mar 2026
108 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A new report reveals that attackers focus on a tiny fraction of security flaws, exploiting just 1% of discovered vulnerabilities. These targeted flaws — React2Shell (CVE-2025-55182), Microsoft SharePoint (CVE-2025-53770), and SAP NetWeaver (CVE-2025-31324) — are exploited
@cybernewslive
26 Feb 2026
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abmNUx #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
24 Feb 2026
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
15 Feb 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abmNUx #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
12 Feb 2026
44 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
5 Feb 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abnlK5 #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
4 Feb 2026
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abmNUx #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
23 Jan 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Check out my latest article: CVE-2025-53770 Vulnerability https://t.co/vIps24QEFs via @LinkedIn
@Mania4Pakistan
20 Jan 2026
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2025 has seen many great web security findings. Honored that @_l0gg's SharePoint ToolShell pre-auth RCE (CVE-2025-53770) is nominated for @PortSwigger Top 10 Web Hacking Techniques 2025. If you're in the community, your vote would mean a lot: https://t.co/amYMLrKrOv Thanks!
@vcslab
19 Jan 2026
451 Impressions
1 Retweet
11 Likes
1 Bookmark
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
17 Jan 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
13 Jan 2026
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
8 Jan 2026
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#RT @Binary_Defense: CVE-2025-53770 looks new. The behavior isn’t. Deserialization abuse, LOLBins, persistence. We have seen this cycle before and we will see it again. The lesson is not about the CVE. It is about detecting patterns, not payloads. Read t… https://t.co/pRpW0Sq
@f1tym1
7 Jan 2026
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-53770 looks new. The behavior isn’t. Deserialization abuse, LOLBins, persistence. We have seen this cycle before and we will see it again. The lesson is not about the CVE. It is about detecting patterns, not payloads. Read the blog. https://t.co/lrXeKPY9R7 https://t.co
@Binary_Defense
7 Jan 2026
1183 Impressions
4 Retweets
6 Likes
2 Bookmarks
1 Reply
0 Quotes
The Enterprise Nightmare (SharePoint RCE) The "ToolShell" exploit chain allows attackers to take control of SharePoint servers. CVE-2025-53770 Impact: Remote Code Execution Vector: Network Get the remediation details: https://t.co/4oAqqkual7 #Microsoft #SharePoint #SysAdmin
@cvedatabase
6 Jan 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
5 Jan 2026
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2025年 実際に悪用された高リスク脆弱性 Top10 1 Langflow 未認証コード実行 CVE-2025-3248 2 Microsoft SharePoint Server RCE(ToolShell) CVE-2025-53770 / CVE-2025-53771 3 sudo 権限昇格(chroot処理不備) CVE-2025-32463 4 Docker Desktop コンテ
@yousukezan
1 Jan 2026
1476 Impressions
1 Retweet
15 Likes
7 Bookmarks
0 Replies
0 Quotes
As 2025 draws to a close, this article wraps up the year's most devastating cybersecurity incident: the SharePoint CVE-2025-53770 zero-day that Chinese hackers exploited to breach America's nuclear infrastructure. SharePoint Backdoor to Doomsday reveals how legacy code became a h
@DecodedIntel
31 Dec 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrUBb #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
20 Dec 2025
45 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abmNUx #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
18 Dec 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #ブログ仲間と繋がりたい #Webライター
@Teeeda_worker
12 Dec 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abnlK5 #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
8 Dec 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actor Exploiting ToolShell Vulnerability (SharePoint CVE-2025-53770) AS 213799 ( Conhost Bilgi Teknolojileri Veri Merkezi Hizmetleri Ve Danismanlik Limited Sirketi ) 🇹🇷 0/95 Detections on VT 🟢 Link 👇https://t.co/ZNsyU43lDp
@DefusedCyber
4 Dec 2025
2040 Impressions
8 Retweets
28 Likes
9 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 【アーカイブ】 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abnlK5 #ブログ仲間と繋がりたい #Webライター
@CyberNote_media
4 Dec 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#DFIR #Blue_Team_Techniques #Purple_Team_Exercises 1⃣ Hunting for SharePoint In-Memory ToolShell Payloads (CVE-2025-53770, CVE-2025-53771) https://t.co/1H3yTQ1eGr // A walk-through showing how to analyze ToolShell payloads, starting with acquiring packets all the way to decodi
@ksg93rd
3 Dec 2025
616 Impressions
3 Retweets
2 Likes
3 Bookmarks
0 Replies
0 Quotes
新報告:SharePointのToolShell脆弱性 (CVE-2025-53770/53771) を狙い、Webシェルではなくインメモリ実行型ペイロードが使われている。ネットワークログ&PCAPでのハンティング必須。#SharePoint #ToolShell #SANSISC https://t.co/ch0
@01ra66it
2 Dec 2025
533 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes
【アーカイブ】 最新の脆弱性と対策を素早くキャッチ!ぜひ確認を。 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #cybernote #ブログ仲間と繋がり
@Teeeda_worker
17 Nov 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 最新ゼロデイ脆弱性の詳細と対策法を徹底解説! SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #cybernote #ブログ仲間と繋がりたい #
@Teeeda_worker
15 Nov 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 最新のSharePoint脆弱性とその対策を詳しく解説! SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/NCC59MrmLD #cybernote #ブログ仲間と繋がりたい #We
@Teeeda_worker
14 Nov 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 注目のSharePoint脆弱性と対策法を解説! SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abnlK5 #cybernote #ブログ仲間と繋がりたい #Webライタ
@CyberNote_media
11 Nov 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Back in July, our team detected and blocked widespread exploitation of an MS SharePoint zero-day chain (CVE-2025-49706, CVE-2025-49704, CVE-2025-53770, & CVE-2025-53771) targeting multiple sectors. 🔗 Get full details and mitigation guidance: https://t.co/FJO0hXZQjF h
@FortiGuardLabs
10 Nov 2025
241 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 SharePointの脆弱性対策を確認しましょう! SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abnlK5 #cybernote #ブログ仲間と繋がりたい #Webライ
@CyberNote_media
9 Nov 2025
35 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 SharePoint脆弱性の対策を詳しく解説!企業必見です。 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abmNUx #cybernote #ブログ仲間と繋がりた
@CyberNote_media
8 Nov 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【アーカイブ】 最新ゼロデイ脆弱性への対策を詳しく解説!企業必見です。 SharePointの最新ゼロデイ脆弱性とは?CVE-2025-53770/53771の概要と企業が取るべき対策を解説 https://t.co/EV97abmNUx #cybernote #ブログ仲間と
@CyberNote_media
7 Nov 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-53770
@transilienceai
4 Nov 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-53770
@transilienceai
3 Nov 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-53770
@transilienceai
2 Nov 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-53770
@transilienceai
1 Nov 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Grupos chinos explotan CVE-2025-53770 en SharePoint semanas después del parche. 🔐 Espionaje, robo de credenciales y persistencia encubierta. ✔ Parchea y audita servicios expuestos. #Ciberseguridad #SharePoint #CVE202553770 https://t.co/wlIQlU2rAq
@trustlock_sec
30 Oct 2025
65 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Chinese threat actors swiftly exploited the ToolShell SharePoint vulnerability (CVE-2025-53770), targeting a Middle East telecoms firm and government agencies with Zingdoor backdoor, ShadowPad Trojan, and KrustyLoader malware. Act fast: patch SharePoint, watch for #CyberSecurity
@bigmacd16684
29 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-53770
@transilienceai
26 Oct 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Warlock ransomware, associated with Chinese threat actors, is exploiting a zero-day in Microsoft SharePoint (vulnerability (CVE-2025-53770)) to deploy ransomware across diverse sectors, exposing organizations to data encryption and exfiltration. This sophisticated attack
@cybernewslive
25 Oct 2025
94 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackearon una planta de armas nucleares de EE. UU. a través de vulnerabilidades en Microsoft SharePoint Los atacante se cree que están asociados con China han aprovechado la vulnerabilidad ToolShell ( CVE-2025-53770 ) https://t.co/zFnkxtaFIN
@elhackernet
25 Oct 2025
9711 Impressions
62 Retweets
210 Likes
49 Bookmarks
2 Replies
2 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*",
"matchCriteriaId": "E1677A89-14A2-496E-A2EB-387B1BFE876C",
"versionEndExcluding": "16.0.18526.20508",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "F815EF1D-7B60-47BE-9AC2-2548F99F10E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]