CVE-2025-53771

Microsoft issues emergency patches for SharePoint Microsoft disclosed and patched two zero-day SharePoint flaws—CVE-2025-53770 (CVSS 9.8) and CVE-2025-53771—actively exploited since July 18 in attacks dubbed “ToolShell.” CVE-2025-53770 allows unauthenticated remote code

Two critical vulnerabilities CVE-2025-53770 and CVE-2025-53771 target Microsoft SharePoint Servers allowing attackers to upload malicious files and extract cryptographic secrets. These flaws are evolved versions of previously patched issues CVE-2025-4970

Ataque cibernético em massa afeta SharePoint on-premises. Hackers exploram falha zero-day (CVE-2025-53771) roubando chaves e instalando backdoors. Leia mais em : https://t.co/m7rjeKqAuH https://t.co/7CR77lLOvY

Customer guidance for SharePoint vulnerability CVE-2025-53770 Microsoft has released security updates that fully protect customers using all supported versions of SharePoint affected by CVE-2025-53770 and CVE-2025-53771. https://t.co/2FrzZvhZmP https://t.co/1pk6aWhmP9

Widespread ToolShell zero-day attacks exploiting CVE-2025-53770 and CVE-2025-53771 have targeted unpatched SharePoint servers globally since July, mainly threatening high-value organizations. Ongoing confusion persists over attack specifics. #ToolShell #… https://t.co/EaCQde1wD

Two critical zero-day vulnerabilities in on-premises Microsoft SharePoint (CVE-2025-53770 & CVE-2025-53771) are actively exploited via the ToolShell chain. Microsoft released emergency patches to address these bypass variants. #SharePoint #ZeroDay https://t.co/E2UITlBpKC

Critical vulnerabilities CVE-2025-53770 and CVE-2025-53771 in on-premise Microsoft SharePoint Servers enable unauthenticated remote code execution through deserialization and ViewState abuse. These flaws stem from incomplete patches. #SharePoint #CyberRisk https://t.co/uz2znldWxv

Microsoft released emergency patches on July 21, 2025, for two critical SharePoint vulnerabilities, CVE-2025-53770 (CVSS 9.8) and CVE-2025-53771 (CVSS 6.3), affecting on-premises SharePoint Server 2019 and Subscription Edition, per Microsoft. Over 85 servers across 29 https://t

#SharePoint: Microsoft releases emergency patches for widely exploited SharePoint Remote Code Execution vulnerabilities CVE-2025-53770 and CVE-2025-53771 (aka #ToolShell) - patch now! 👇 https://t.co/oNOZLumuEh

🚨 Research update: #ToolShell is back, and it just leveled up. Two new vulnerabilities in Microsoft SharePoint Server, CVE-2025-53770 (RCE) and CVE-2025-53771 (auth bypass), are being actively exploited in the wild. 🔓 Attackers are chaining them to >> • Bypass aut

📌 Microsoft releases emergency security updates for SharePoint to fix two zero-day vulnerabilities (CVE-2025-53770 and CVE-2025-53771) exploited in global "ToolShell" attacks. #CyberSecurity #SharePoint https://t.co/TLr4I54nDv https://t.co/QgXUcvVd1P

«Microsoft ha publicado actualizaciones de seguridad que protegen completamente a los clientes que usan SharePoint Subscription Edition y SharePoint 2019 contra los riesgos CVE-2025-53770 y CVE-2025-53771». (Inglés) Vía: @msftsecresponse, @jc_vazquez https://t.co/o5RJBcsI

#ICYMI Microsoft publicó actualizaciones de seguridad urgentes para SharePoint para dos vulnerabilidades de día cero, identificadas como CVE-2025-53770 y CVE-2025-53771, que han comprometido servicios en todo el mundo mediante ataques "ToolShell". ⚠️ https://t.co/zpW0zKN0am

🚨 SECURITY ALERT: Two new Microsoft SharePoint On-Prem vulnerabilities — CVE-2025-53770 & CVE-2025-53771 — are being actively exploited in the wild. One is rated Critical (CVSS 9.8) and bypasses July’s patches. Meanwhile, Trend Micro offers proactive protection beyo

🚨 Active Exploits Hit @Microsoft @SharePoint Servers New RCE zero-days CVE-2025-53770 & CVE-2025-53771 are being chained to hijack on-prem SharePoint instances globally. 🧵 • Exploits bypass July patches • CVE-2025-53770 = deserialization flaw • Used to steal Mac

DoJ partner agencies report widespread SharePoint compromises across federal and energy sectors. CVE-2025-53770 and CVE-2025-53771 represent variants that bypass Microsoft's July Patch Tuesday fixes for the original "ToolShell" exploit chain demonstrated at Pwn2Own Berlin. CISA

Microsoft releases emergency patch: 0-day vulnerabilities in SharePoint used in RCE attacks Critical zero-day vulnerabilities in Microsoft SharePoint (CVE-2025-53770 and CVE-2025-53771) have been actively exploited since the end of last week, and at least 85 servers have been htt

🚨 CRITICAL: Microsoft releases emergency SharePoint patches for CVE-2025-53770 & CVE-2025-53771 📖 Full analysis: https://t.co/XquMN3Y43A 🎧 https://t.co/2UJ3S4KxTo #SharePoint #CyberSecurity #ZeroDay https://t.co/1Kv0ZWqcsk

Active exploits target a zero-day in on-premise SharePoint servers worldwide, risking persistent access and key theft. Microsoft issued patches for CVE-2025-53770 and CVE-2025-53771. Countries and organizations advised to act. #SharePointRisk #CyberAlert https://t.co/6k9fCPvGtv

Microsoft has now released emergency security updates that fully protect those using SharePoint Subscription Edition and SharePoint 2019 against the risks posed by CVE-2025-53770, and CVE-2025-53771. UPDATE NOW!! https://t.co/MyoAtLQRPp https://t.co/07vFpriHQr

Microsoft выпускает экстренный патч: 0-day уязвимости в SharePoint использовались в RCE-атаках Обнаружено, что критические уязвимости нулевого дня в Microsoft SharePoint (CVE-202

Consultez le dernier article de ma newsletter : 🚨 ALERTE DE SÉCURITÉ – Failles critiques sur SharePoint Server (CVE-2025-53770 et CVE-2025-53771) https://t.co/pM5n1bpfr5 via @LinkedIn

Microsoft has issued a security update for SharePoint Subscription Edition which mitigates CVE-2025-53770 and CVE-2025-53771. Defenders should apply the update immediately.🫡 #Cybersecurity #Sharepoint #toolshell https://t.co/yBdKOyMZts https://t.co/8U5nNsUWCQ

🚨 Do you manage an on-prem SharePoint server? Critical 0-day under mass exploitation - patch now Read more: https://t.co/lsPthuAucK 1. Active zero-day attacks targeting on-premises SharePoint servers via CVE-2025-53770 and CVE-2025-53771. 2. Apply security updates https://t

CVE-2025-53771 Microsoft SharePoint Server Spoofing Vulnerability https://t.co/KUJ5zDtREA #cyberrisk #cybersecurity

📢 ALERT: Microsoft warns of active attacks exploiting a zero-day flaw in on-premises #SharePoint servers (CVE-2025-53770 & CVE-2025-53771). No patch yet for some versions, advises disconnecting servers from the internet if unable to enable recommended malware protection.

📌 أصدرت مايكروسوفت تحديثات طارئة لأمان SharePoint لمعالجة ثغرتين بخاصة، وهما CVE-2025-53770 وCVE-2025-53771، اللتين استُغلتا في هجمات "ToolShell" وأثرت على الخدمات على مستوى ا

Microsoft has released security updates that fully protect customers using SharePoint Subscription Edition and SharePoint 2019 against the risks posed by CVE-2025-53770, and CVE-2025-53771. These vulnerabilities apply to on-premises SharePoint Servers only. Customers should apply

CVE-2025-53771 Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a… https://t.co/ntyEKRjF51