What to know about ToolShell, the SharePoint threat under mass exploitation
1 min read
Summary
On Saturday it was revealed that a critical vulnerability had been found in Microsoft’s SharePoint software.
This allows malicious actors to gain admistrative privileges and complete remote code execution.
The vulnerability, known as CVE-2025-53770, has a severity rating of 9.8 out of a possible 10.
Security firm Eye Security first discovered the bug on Saturday, but believe the vulnerability has been actively exploited since at least Friday.
On Wednesday, Eye Security estimated that over 400 systems had already been compromised, with the US National Nuclear Security Administration’s network also being breached.
With SharePoint being used by over 200 million users, including a majority of Fortune 500 companies, the vulnerability is a significant risk.
