Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kyaw_Myo_Oo
Advocate I
‎07-20-2025 02:48 PM
‎07-20-2025 02:48 PM

Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770)

Dear All,

 

CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-2025-53770, is a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations. This exploitation activity, publicly reported as “ToolShell,” provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network.

 

https://www.cisa.gov/news-events/alerts/2025/07/20/microsoft-releases-guidance-exploitation-sharepoi...


https://research.eye.security/sharepoint-under-siege/

 

https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2025-07-19-Microsoft-ShareP...

 

It's always great to learn from each other, share experiences, and stay updated. Let's learn and explore together!

 

 

 

Kyaw Myo Oo
Information Security Officer , CB BANK PCL
CCIE #58769 | CISSP | CRISC | PMP | CCSM | SAA-C03 | PCNSE
https://www.linkedin.com/in/kyaw-myo-oo/
Reply
1 Reply
Caute_cautim
Community Champion
‎07-20-2025 04:21 PM
‎07-20-2025 04:21 PM

@Kyaw_Myo_Oo    the motto about not putting all your eggs into the same basket is also relevant too.

 

Regards

 

Caute_cautim

Reply