Microsoft has addressed two critical zero-day vulnerabilities in its SharePoint software, CVE-2025-53771 and CVE-2025-53770, which have been exploited by hackers. These vulnerabilities affect on-premises SharePoint versions, with the cloud-based SharePoint Online remaining secure. CVE-2025-53771 enables spoofing of trusted users, while CVE-2025-53770 allows for remote code execution. Cybercriminals have already attacked US federal agencies, universities, and energy companies, with documented breaches in two federal agencies. Microsoft is now working on a fix for SharePoint Server 2016 after patching other versions.
CVE-2025-53771 is a SharePoint Server spoofing vulnerability allowing attackers to impersonate trusted users or resources, while CVE-2025-53770 permits remote code execution.
Hackers have already targeted US federal agencies, universities, and energy companies, with confirmed breaches in at least two federal agencies linked to these flaws.
Microsoft is currently addressing the vulnerabilities for SharePoint Server 2016 after issuing fixes for SharePoint Server Subscription Edition and SharePoint Server 2019.
Attacks resulted in the hijacking of documents meant to improve governmental understanding, indicating the serious implications of these security flaws.
Collection
[
|
...
]