Microsoft SharePoint Zero-day

What is the Vulnerability?A critical zero-day vulnerability in Microsoft SharePoint, identified as CVE-2025-53770, has been actively exploited in the wild since at least July 18, 2025. This vulnerability affects on-premises SharePoint Servers and currently has no available patch. Microsoft has confirmed that attackers are targeting this flaw, which appears to be a variant of the previously known CVE-2025-49706.CVE-2025-53770 stems from the deserialization of untrusted data, allowing a remote, unauthenticated attacker to achieve arbitrary code execution over the network.What is the recommended Mitigation?As of now, no official patch has been released by Microsoft. However, Microsoft has issued interim guidance to help mitigate the impact of this vulnerability. SharePoint Online in Microsoft 365 is not impacted. Refer to Microsoft’s advisory: Customer guidance for SharePoint vulnerability CVE-2025-53770 | MSRC Blog | Microsoft Security Response Center-Follow recommended best practices and detection methods to reduce exposure.-Monitor systems closely for signs of exploitation.-Microsoft is actively working on a security update.What FortiGuard Coverage is available?FortiGuard Labs has proactively blocked all known Indicators of Compromise (IOCs) associated with this vulnerability.The team is continuously monitoring for emerging threats and new IOCs, advising customers to apply Microsoft’s mitigation steps immediately and to monitor for security updates and potential patch releases.FortiGuard Labs will provide updates when and as they become available.Read More