Date Issued: July 19, 2025
Severity: Critical (CVSS 9.8)
Status: Unpatched
Impacted Product: Microsoft SharePoint Server (on-premises)
A critical vulnerability in Microsoft SharePoint Server is being actively exploited in a widespread cyberattack campaign. Tracked as CVE-2025-53770, this flaw allows hackers to take control of SharePoint servers remotely, without needing a password or login.
Even worse, there’s currently no patch available, making this a high-risk situation for any organization running on-premises SharePoint servers.
Attackers are already using this vulnerability to:
Security experts warn that organizations with compromised servers must rotate all keys and secrets once Microsoft releases a fix.
SharePoint Online (Microsoft 365) is not affected by this vulnerability.
Until Microsoft releases a fix, take these urgent steps to protect your organization:
This is a very serious, ongoing threat. Over 70 organizations, including major companies and government agencies, have already been breached. If your organization runs SharePoint Server on-prem, assume you are a target and take action now.
Do not wait for the patch. Protect your systems today.