Security Updates for Microsoft SharePoint Server Subscription Edition (July 2025)

Critical | Nessus Plugin ID 242415

Synopsis

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing a security update.

Description

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple security vulnerabilities:

- Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. (CVE-2025-53771)

- Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. (CVE-2025-53770)

Solution

Microsoft has released KB5002768 to address these issues.

See Also

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53771

https://www.microsoft.com/en-us/download/details.aspx?id=108285

Plugin Details

Severity: Critical

ID: 242415

File Name: smb_nt_ms25_jul_office_sharepoint_subscr_CVE-2025-53770.nasl

Version: 1.2

Type: local

Agent: windows

Published: 7/20/2025

Updated: 7/21/2025

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:sharepoint_server:subscription

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/20/2025

Vulnerability Publication Date: 7/20/2025

CISA Known Exploited Vulnerability Due Dates: 7/21/2025

Reference Information

CVE: CVE-2025-53770, CVE-2025-53771

MSFT: MS25-5002768

MSKB: 5002768