Date Issued: July 19, 2025
Severity: Critical (CVSS 9.8)
Status: Unpatched
Impacted Product: Microsoft SharePoint Server (on-premises)
A critical vulnerability in Microsoft SharePoint Server is being actively exploited in a widespread cyberattack campaign. Tracked as CVE-2025-53770, this flaw allows hackers to take control of SharePoint servers remotely, without needing a password or login.
Even worse, there’s currently no patch available, making this a high-risk situation for any organization running on-premises SharePoint servers.
Attackers are already using this vulnerability to:
Security experts warn that compromised servers must rotate all keys and secrets once Microsoft releases a fix.
SharePoint Online (Microsoft 365) is not affected by this vulnerability.
Until Microsoft releases a fix, take these urgent steps to protect your organization:
This is a very serious, ongoing threat. Over 70 organizations, including major companies and government agencies, have already been breached. If your organization runs SharePoint Server on-prem, assume you are a target and take action now.
Do not wait for the patch. Protect your systems today.
Sources and Additional Reading:
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
Vulnerability scanning and it's human led partner penetration testing (aka "pentesting") are excellent and...
Read moreArtificial Intelligence (AI) tools are entering our businesses like a new intern with great ideas but no...
Read moreCyberHoot believes security awareness should feel positive, empowering, and rewarding. Traditional phishing...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.