
The Australian Signals Directorate’s Australian Cyber Security Centre issued a critical alert over the weekend concerning a vulnerability impacting Microsoft Office SharePoint Server products (CVE-2025-53770).
Microsoft announced that it is aware of an exploit for CVE-2025-53770 in the wild and has observed active attacks targeting on-premises SharePoint Server customers.
A patch is not currently available for this vulnerability; Microsoft is preparing and fully testing a comprehensive update to address it. SharePoint Online in Microsoft 365 is not impacted.
CVE-2025-53770 involves the deserialisation of untrusted data in on-premises Microsoft SharePoint Servers, allowing an unauthorised attacker to execute code over a network.
The alert recommends that Australian organisations review their networks for vulnerable instances of Microsoft Office SharePoint Server products and consult Microsoft’s customer advisory (CVE-2025-53770) for mitigation advice.