A critical vulnerability in Microsoft SharePoint Server is being actively exploited in large-scale attacks, targeting unpatched systems. Security experts warn that this flaw could lead to remote code execution and persistent access for attackers. #CVE-2025-53770 #SharePointServer #PowerShell #RemoteCodeExecution
Keypoints
- The vulnerability CVE-2025-53770 is a zero-day flaw in on-premises Microsoft SharePoint Server.
- Attackers are exploiting the flaw to deliver ASPX payloads via PowerShell, stealing critical security keys.
- Microsoft is developing a comprehensive update but has not yet released an official patch.
- Advanced attacks chain CVE-2025-49706 and CVE-2025-49704, involving code injection and remote command execution.
- Security experts advise disabling internet access on affected servers and deploying Defender for Endpoint for protection.
Read More: https://thehackernews.com/2025/07/critical-microsoft-sharepoint-flaw.html