Multiple vulnerabilities in Microsoft SharePoint
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2025-49712 CVE-2025-53760 |
| CWE-ID | CWE-502 CWE-918 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Microsoft SharePoint Server Server applications / Application servers Microsoft SharePoint Enterprise Server Server applications / Application servers Microsoft SharePoint Server Subscription Edition Server applications / Application servers |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Deserialization of Untrusted Data
EUVDB-ID: #VU114029
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-49712
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data in Microsoft SharePoint. A remote user can pass specially crafted data to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMicrosoft SharePoint Server: 2019
Microsoft SharePoint Enterprise Server: 2016
CPE2.3- cpe:2.3:a:microsoft:microsoft_sharepoint_server:2019:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server:2016:*:*:*:*:*:*:*
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49712
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU114030
Risk: Medium
CVSSv4.0: 5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-53760
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input in Microsoft SharePoint. A remote user can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMicrosoft SharePoint Server: 2019
Microsoft SharePoint Enterprise Server: 2016
Microsoft SharePoint Server Subscription Edition: All versions
CPE2.3- cpe:2.3:a:microsoft:microsoft_sharepoint_server:2019:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server:2016:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:microsoft_sharepoint_server_subscription_edition:*:*:*:*:*:*:*:*
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53760
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
