9.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2025-53770

GHSA ID

EPSS Score

0.86088%

CWE

CWE-502

Published

7/19/2025

Updated

7/21/2025

KEV Status

Yes

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-53770

CVE-2025-53770:
Microsoft SharePoint Server Deserialization RCE Vulnerability

A critical patch bypass vulnerability that circumvents fixes for CVE-2025-49704 from the actively exploited ToolShell campaign. Deserialization of untrusted data in on-premises SharePoint Server enables unauthenticated remote code execution over the network. Microsoft confirms active exploitation in the wild. Mitigation: Enable AMSI integration with Microsoft Defender across SharePoint farms, or disconnect public-facing SharePoint servers from the internet. Microsoft 365 SharePoint Online is unaffected.

9.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2025-53770

GHSA ID

EPSS Score

0.86088%

CWE

CWE-502

Published

7/19/2025

Updated

7/21/2025

KEV Status

Yes

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:W/RC:C

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

* *riti**l p*t** *yp*ss vuln*r**ility t**t *ir*umv*nts *ix*s *or *V*-****-***** *rom t** **tiv*ly *xploit** ToolS**ll **mp*i*n. **s*ri*liz*tion o* untrust** **t* in on-pr*mis*s S**r*Point S*rv*r *n**l*s un*ut**nti**t** r*mot* *o** *x**ution ov*r t**

Reasoning

No *n*lysis *v*il**l*

9.8

Basic Information

Concerned about an active attack path?

CVE-2025-53770: Microsoft SharePoint Server Deserialization RCE Vulnerability

9.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

CVE-2025-53770:
Microsoft SharePoint Server Deserialization RCE Vulnerability

Vulnerability Intelligence
Miggo AI