Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
https://www.security.com/threat-intelligence/toolshell-zero-day-sharepoint-cve-2025-53770
https://www.infosecurity-magazine.com/news/microsoft-compromising-sharepoint/
https://therecord.media/microsoft-sharepoint-zero-day-vulnerability-exploited-globally
https://hackread.com/microsoft-hackers-exploit-sharepoint-flaws-patch-now/
https://thehackernews.com/2025/07/microsoft-releases-urgent-patch-for.html
https://thehackernews.com/2025/07/critical-microsoft-sharepoint-flaw.html
https://go.theregister.com/feed/www.theregister.com/2025/07/21/infosec_in_brief/
Published: 2025-07-20
Updated: 2025-07-22
Named Vulnerability: ToolShell
CVSS v2 Base Score: 7.5
CVSS v2 Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:P/A:N
CVSS v2 Severity: High
CVSS v3 Base Score: 7.1
CVSS v3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CVSS v3 Severity: High
EPSS: 0.00114
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability Being Monitored