Elevation of Privilege Vulnerability in Microsoft SharePoint Online
CVE-2025-59245

9.8CRITICAL

Key Information:

Vendor: Microsoft
Status: Microsoft Sharepoint Online
Vendor: CVE Published:; 20 November 2025

What is CVE-2025-59245?

This vulnerability in Microsoft SharePoint Online allows an attacker to elevate their privileges within the application, potentially gaining unauthorized access to sensitive information and functionalities. Proper security practices should be implemented to mitigate risks associated with unauthorized access.

Affected Version(s)

Microsoft SharePoint Online Unknown

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2025
Vulnerability Reserved
Sep 11, 2025

JSON