Platform
sharepoint
Component
microsoft-sharepoint-enterprise-server
Fixed in
16.0.5513.1002 (SharePoint Server 2016)
16.0.10417.20041 (SharePoint Server 2019)
16.0.18526.20518 (SharePoint Server Subscription Edition)
CVE-2025-53760 is a server-side request forgery (SSRF) vulnerability in Microsoft SharePoint Enterprise Server. An authenticated attacker can use it to elevate privileges and reach network resources that the SharePoint server, but not the attacker, is permitted to contact. Builds earlier than the fixed builds listed under Fixed in are affected. Each SharePoint product line has its own fixed build, so 16.0.18526.20518 is the remediated build for only one line, not for every installation.
The flaw lets an attacker with authenticated access craft requests that the SharePoint server then issues on their behalf, so the requests originate from the server's own network position and identity. That reach can be used against internal resources that are otherwise shielded from the attacker, such as databases, management APIs, or other internal services. Successful exploitation could lead to data exfiltration, privilege escalation, and potentially full compromise of the SharePoint environment, and the server can serve as a springboard for attacks on other systems, widening the blast radius well beyond SharePoint itself. Authentication is required, but low-privileged accounts are common in most SharePoint deployments, and the privilege-escalation outcome makes this a significant risk.
CVE-2025-53760 was publicly disclosed on 2025-08-12. The CVSS score of 7.1 (HIGH) reflects a significant risk. No public proof-of-concept exploit was known at the time of writing, but SSRF in a widely deployed product is a realistic target for exploit development. The vulnerability is not currently listed in the CISA KEV catalog; its privilege-escalation potential nevertheless warrants close monitoring, and organizations should prioritize patching.
Organizations heavily reliant on Microsoft SharePoint Enterprise Server for document management, collaboration, and internal applications are at significant risk. Environments with weak authentication controls or inadequate network segmentation are particularly vulnerable. Shared hosting environments where multiple tenants share the same SharePoint instance should also be carefully assessed.
• sharepoint: Examine SharePoint and IIS logs for requests carrying URL-valued parameters that point at internal addresses or services, and for unusual outbound connections from the web front ends. Use the SharePoint Management Shell to list site collections and timer jobs (the SharePoint equivalent of scheduled tasks) and look for entries you do not recognize; note that Get-SPOSite is the SharePoint Online cmdlet and does not apply to on-premises servers:
Get-SPSite -Limit All | Select-Object Url, Owner
Get-SPTimerJob | Select-Object Name, Schedule, LastRunTime
• generic web: Monitor access logs for requests to internal resources that should not be reachable from outside. Read the MicrosoftSharePointTeamServices response header, which SharePoint sets on its responses, to identify the build that is running and compare it with the fixed builds:
curl -s -I <sharepoint_url> | grep -i 'MicrosoftSharePointTeamServices'
Disclosure
2025-08-12
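The log review above is easier to reason about with a concrete check. The following is an added example, not part of this advisory or of any Microsoft tooling: it parses IIS W3C log lines from a SharePoint front end and flags requests whose query parameters carry a URL pointing at a private, loopback, link-local or otherwise internal target, which is the typical footprint of an SSRF attempt. The log lines are constructed, the endpoint `/_layouts/15/example.aspx` is a placeholder (the advisory does not name the vulnerable endpoint), and the internal-target heuristics (unqualified hostnames, `.local`, a small list of metadata hostnames) are assumptions chosen for illustration.

```python
"""Flag SSRF-style requests in IIS W3C logs from a SharePoint web front end.

Added example for illustration; not code from the advisory or from Microsoft.
Field order follows the default IIS W3C layout. Sample lines are constructed.
"""
import ipaddress
from typing import Dict, List, Optional, Tuple
from urllib.parse import parse_qs, unquote, urlsplit

# Hostnames that usually mean "this server" or a cloud metadata service (assumed list).
SUSPICIOUS_HOSTS = {"localhost", "metadata", "metadata.google.internal"}

IIS_FIELDS = [
    "date", "time", "s-ip", "cs-method", "cs-uri-stem", "cs-uri-query",
    "s-port", "cs-username", "c-ip", "cs(User-Agent)", "cs(Referer)",
    "sc-status", "sc-substatus", "sc-win32-status", "time-taken",
]

# Constructed sample log: two SSRF attempts, one ordinary download, one outbound
# fetch to a public host. The .aspx path is a placeholder, not the real endpoint.
SAMPLE_LOG = [
    "#Fields: " + " ".join(IIS_FIELDS),
    "2025-08-13 09:14:02 10.20.0.15 GET /_layouts/15/example.aspx url=http%3A%2F%2F10.20.0.7%2Fadmin 443 CONTOSO\\jdoe 203.0.113.9 Mozilla/5.0 - 200 0 0 312",
    "2025-08-13 09:14:05 10.20.0.15 GET /_layouts/15/example.aspx url=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data 443 CONTOSO\\jdoe 203.0.113.9 Mozilla/5.0 - 200 0 0 120",
    "2025-08-13 09:15:30 10.20.0.15 GET /sites/hr/Shared%20Documents/report.docx - 443 CONTOSO\\asmith 198.51.100.23 Mozilla/5.0 - 200 0 0 45",
    "2025-08-13 09:16:11 10.20.0.15 GET /_layouts/15/example.aspx url=https%3A%2F%2Fwww.example.com%2Ffeed 443 CONTOSO\\jdoe 203.0.113.9 Mozilla/5.0 - 200 0 0 800",
]


def is_internal_target(url: str) -> bool:
    """True if `url` points at an address the server, but not the client, can reach.

    Covers IP literals in private/loopback/link-local/reserved ranges, file:// URLs,
    and (heuristically) unqualified or .local hostnames. Non-URL strings give False.
    """
    try:
        parts = urlsplit(unquote(url))  # unquote once more to catch double encoding
    except ValueError:
        return False
    if parts.scheme not in ("http", "https", "ftp", "file", "gopher", "dict", "ldap"):
        return False
    host = (parts.hostname or "").lower()
    if not host:
        return parts.scheme == "file"  # file:///... reads the server's own disk
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal: flag known internal names and unqualified hosts only.
        # Public names are accepted; DNS rebinding is out of scope for a log scan.
        return host in SUSPICIOUS_HOSTS or host.endswith(".local") or "." not in host
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_reserved or addr.is_unspecified)


def parse_iis_line(line: str) -> Optional[Dict[str, str]]:
    """Split one W3C log line into a field dict; skip comments and malformed lines."""
    if line.startswith("#"):
        return None
    values = line.split(" ")
    if len(values) != len(IIS_FIELDS):
        return None
    return dict(zip(IIS_FIELDS, values))


def ssrf_candidates(query: str) -> List[Tuple[str, str]]:
    """Return (parameter, decoded value) pairs whose value is an internal-target URL."""
    if query == "-":  # IIS writes '-' when there is no query string
        return []
    hits = []
    for name, values in parse_qs(query, keep_blank_values=True).items():
        for value in values:
            if is_internal_target(value):
                hits.append((name, value))
    return hits


def scan_log(lines: List[str]) -> List[Dict[str, object]]:
    """Return one finding per request that carries an internal-target URL parameter."""
    findings = []
    for line in lines:
        rec = parse_iis_line(line)
        if not rec:
            continue
        hits = ssrf_candidates(rec["cs-uri-query"])
        if hits:
            findings.append({
                "time": f'{rec["date"]} {rec["time"]}',
                "user": rec["cs-username"],
                "client": rec["c-ip"],
                "uri": rec["cs-uri-stem"],
                "targets": hits,
            })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f'{f["time"]} {f["user"]} from {f["client"]} -> {f["uri"]} targets {f["targets"]}')
```

Run it against real logs by reading the files under `%SystemDrive%\inetpub\logs\LogFiles` and passing the lines to `scan_log`; adjust `IIS_FIELDS` to the `#Fields:` header of your site if logging was customized. A hit is a lead, not proof: SharePoint legitimately fetches some internal URLs, so correlate the user, the client address and the target with what that account normally does.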
Exploit status
EPSS
0.29% (52nd percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-53760 is to install the fixed build for your SharePoint product line (see Fixed in above); upgrading to 16.0.18526.20518 applies only to the line that build belongs to. If you cannot patch immediately, segment the network and apply egress filtering so that the SharePoint web front ends can reach only the hosts they need (SQL Server, search, Active Directory and similar); a server that cannot open arbitrary internal connections limits what an SSRF can reach. Review and strengthen authentication so that attackers cannot easily obtain the low-privileged account the attack requires, and prune unused accounts. Monitor SharePoint and IIS logs for requests whose parameters reference internal or unusual endpoints. A Web Application Firewall with SSRF rules can block obvious payloads, but authenticated SSRF traffic often looks like normal use, so treat the WAF as defense in depth rather than a substitute for the patch.
Apply the security updates Microsoft provides for SharePoint Enterprise Server 2016 and the corresponding updates for the other affected product lines. Further details and specific update instructions are in the Microsoft Security Update Guide entry for CVE-2025-53760. Make sure you apply the update that matches your SharePoint version.
CVE-2025-53760 is a server-side request forgery vulnerability in Microsoft SharePoint Enterprise Server allowing authenticated attackers to elevate privileges over a network.
If you are running Microsoft SharePoint Enterprise Server on a build earlier than the fixed build for your product line (16.0.5513.1002, 16.0.10417.20041 or 16.0.18526.20518), you are potentially affected by this vulnerability.
Upgrade to the fixed build for your product line, or a later build, to remediate the vulnerability.
No public exploit was known at the time of writing, but SSRF vulnerabilities in widely deployed products tend to attract exploit development, and organizations should prioritize patching.
Refer to the official Microsoft Security Update Guide for details: [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53760]