This alert has been written for the IT teams of organisations and government.

Background  / What has happened?

ASD’s ACSC is aware of a vulnerability impacting Microsoft Office SharePoint Server products (CVE-2025-53770).

CVE-2025-53770 involves the deserialisation of untrusted data in on-premises Microsoft SharePoint Servers allowing an unauthorised attacker to execute code over a network. 

Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild and has observed active attacks targeting on-premises SharePoint Server customers.

Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. 

ASD’s ACSC recommends monitoring Microsoft’s official advisories for any updates to mitigations and for details on any related patches.

Mitigation / How do I stay secure?

Australian organisations should review their networks for use of vulnerable instances of the Microsoft Office SharePoint Server products and consult Microsoft’s customer advisory (CVE-2025-53770) for mitigation advice.

Assistance / Where can I go for help?

ASD’s ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations or individuals that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).