UPDATE: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities

Source: All CISA Advisories | Added:

Microsoft has released guidance regarding the exploitation of SharePoint vulnerabilities, specifically CVE-2025-49706 and CVE-2025-49704, which allow unauthorized access to on-premise SharePoint servers. Malicious actors can exploit these vulnerabilities to access SharePoint content and execute code remotely.

Impact: SharePoint servers

In the Wild: Yes

Age: Updated disclosure

Remediation: Apply necessary security updates, configure Antimalware Scan Interface (AMSI), disconnect affected products from public-facing service, rotate ASP.NET machine keys, and monitor for specific POSTs.