SharePoint vulnerability with 9.8 severity rating under exploit across globe
Summary
On Friday, 2nd September, researchers began warning about the active exploitation of a vulnerability in Microsoft SharePoint Server, which affects on-premises infrastructure customers.
The vulnerability, known as CVE-2025-53770, allows unauthorized access to SharePoint servers exposed to the internet.
Microsoft confirmed the attacks on Saturday, 3rd September, and released an emergency update to patch the vulnerability, as well as a related vulnerability, CVE-2025-53771, in SharePoint Subscription Edition and SharePoint 2019.
The exploitation chain observed is similar to attacks demonstrated at the Pwn2Own hacking competition in May, for which vulnerabilities CVE-2025-49704 and CVE-2025-49706 were partially patched by Microsoft two weeks ago.
Organizations using SharePoint 2016 should install the Antimalware Scan Interface to protect themselves from the vulnerabilities.