CVE-2025-53770

Analyzed

Published: 20 Jul 2025, 01:06

Last modified:21 Oct 2025, 22:45

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.8 CRITICAL

v3.1 (cve.org)

EPSS Score

90.95% CRITICAL

91% probability 0.00%

KEV

Listed

CISA

1 listing

Ransomware

Known Use

Public exploits

5 found

Dark Web

Not detected

Timeline

20 Jul 2025, 01:06

Published

Vulnerability first disclosed

20 Jul 2025, 00:00

Added to CISA KEV

Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

21 Jul 2025, 00:00

CISA Remediation Due

Disconnect public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS) to include SharePoint Server 2013 and earlier versions. For supported versions, please follow the mitigations according to CISA (URL listed below in Notes) and vendor instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

21 Oct 2025, 22:45

Last Modified

Vulnerability information updated

Description

CVSS Metrics

EPSS Trends

Weaknesses (CWE)

KEV Details

Exploits (5)

Affected Systems

References (13)