1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

Known Exploited Vulnerabilities CVE-2025-53770

Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an unauthorized attacker to execute code over a network.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2025-53770 Microsoft SharePoint Deserialization of Untrusted Data Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This deserialization vulnerability in Microsoft SharePoint allows an unauthenticated remote attacker to execute remote code on the network.
References
  1. https://arcticwolf.com/resources/blog/cve-2025-53770/
CVE-2025-53770 Microsoft SharePoint Deserialization of Untrusted Data Vulnerability exploitation_technique T1059 Command and Scripting Interpreter
Comments
This deserialization vulnerability in Microsoft SharePoint allows an unauthenticated remote attacker to execute remote code on the network.
References
  1. https://arcticwolf.com/resources/blog/cve-2025-53770/