Path Traversal Vulnerability in Microsoft Office SharePoint
CVE-2025-53771

6.3 MEDIUM

What is CVE-2025-53771?

A path traversal vulnerability exists in Microsoft Office SharePoint because of improper limitation of a pathname to a restricted directory. It allows an authorized attacker to exploit the system and potentially perform spoofing attacks over a network. This can lead to unauthorized access to and manipulation of files, compromising the integrity of the SharePoint environment.

Affected Version(s)

Microsoft SharePoint Enterprise Server 2016 x64-based Systems

Microsoft SharePoint Server 2019 x64-based Systems 16.0.0 < 16.0.10417.20037

Microsoft SharePoint Server Subscription Edition x64-based Systems 16.0.0 < 16.0.18526.20508

News Articles

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in

8 hours ago

Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks

Microsoft warns of active SharePoint exploits affecting on-prem users; 54 victims confirmed in major attack.

8 hours ago

CVSS V3.1

Score: 6.3
Severity: MEDIUM
Confidentiality: High
Integrity: Low
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged

Timeline

  • 📰 First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved
