Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
https://thehackernews.com/2025/08/storm-2603-exploits-sharepoint-flaws-to.html
https://securelist.com/toolshell-explained/117045/
https://www.theregister.com/2025/07/24/microsoft_sharepoint_ransomware/
https://www.darkreading.com/endpoint-security/ransomware-actors-toolshell-sharepoint-bugs
https://therecord.media/microsoft-says-warlock-ransomware-deployed-in-sharepoint-attacks
https://thehackernews.com/2025/07/storm-2603-exploits-sharepoint-flaws-to.html
https://cyberscoop.com/microsoft-sharepoint-attacks-400-victims-us-agencies/
https://www.helpnetsecurity.com/2025/07/22/microsoft-pins-sharepoint-attacks-cve-2025-53770/
https://www.databreachtoday.com/microsoft-traces-on-premises-sharepoint-exploits-to-china-a-29029
https://www.darkreading.com/application-security/3-china-nation-state-actors-sharepoint-bugs
https://therecord.media/microsoft-sharepoint-vulnerabilities-china-groups-exploiting
https://thehackernews.com/2025/07/microsoft-links-ongoing-sharepoint.html
https://thehackernews.com/2025/07/hackers-exploit-sharepoint-zero-day.html
https://thehackernews.com/2025/07/cisa-orders-urgent-patching-after.html
https://hackread.com/microsoft-chinese-state-hackers-exploit-sharepoint-flaws/
https://www.theregister.com/2025/07/21/massive_security_snafu_microsoft/
https://www.security.com/threat-intelligence/toolshell-zero-day-sharepoint-cve-2025-53770
https://www.hipaajournal.com/microsof-emergency-patches-sharepoint-server-vulnerabilities/
https://www.databreachtoday.com/attackers-exploit-zero-day-flaws-in-on-premises-sharepoint-a-29018
https://krebsonsecurity.com/2025/07/microsoft-fix-targets-attacks-on-sharepoint-zero-day/
https://cyberscoop.com/microsoft-sharepoint-zero-day-attack-spree/
https://blog.talosintelligence.com/toolshell-affecting-sharepoint-servers/
https://thehackernews.com/2025/07/microsoft-releases-urgent-patch-for.html
https://thehackernews.com/2025/07/critical-microsoft-sharepoint-flaw.html
https://isc.sans.edu/diary/rss/32122
https://go.theregister.com/feed/www.theregister.com/2025/07/21/infosec_in_brief/
Published: 2025-07-08
Updated: 2025-07-30
Named Vulnerability: ToolShellKnown Exploited Vulnerability (KEV)
Base Score: 6.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N
Severity: Medium
Base Score: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Severity: Medium
EPSS: 0.00041
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability of Concern