Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2025-49704, CVE-2025-49701, CVE-2025-49706 |
CWE-ID | CWE-94, CWE-285, CWE-287 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Microsoft SharePoint Server (Server applications / Application servers); Microsoft SharePoint Enterprise Server (Server applications / Application servers); Microsoft SharePoint Server Subscription Edition (Server applications / Application servers) |
Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU112648
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-49704
CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation in Microsoft SharePoint. A remote user can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Microsoft SharePoint Server: 2019
Microsoft SharePoint Enterprise Server: before 16.0.5508.1000
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49704
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU112656
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-49701
CWE-ID: CWE-285 - Improper Authorization
Exploit availability: No
Description
The vulnerability allows a remote attacker to bypass authorization checks.
The vulnerability exists due to improper authorization in Microsoft SharePoint. A remote user can bypass authorization and execute arbitrary code on the target system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Microsoft SharePoint Server: before 16.0.10417.20027 16.0.10417.20027
Microsoft SharePoint Server Subscription Edition: before 16.0.18526.20424
Microsoft SharePoint Enterprise Server: before 16.0.5508.1000
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49701
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU112655
Risk: Medium
CVSSv4.0: 4.4 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-49706
CWE-ID: CWE-287 - Improper Authentication
Exploit availability: No
Description
The vulnerability allows a remote attacker to bypass the authentication process.
The vulnerability exists due to an error when processing authentication requests in Microsoft SharePoint Server. A remote attacker can perform a spoofing attack and gain unauthorized access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Microsoft SharePoint Server: before 16.0.10417.20027 16.0.10417.20027
Microsoft SharePoint Enterprise Server: before 16.0.5508.1000
Microsoft SharePoint Server Subscription Edition: before 16.0.18526.20424
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49706
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.