
Critical Microsoft SharePoint Vulnerability (CVE-2025-53770) Exploited by Chinese Hackers for Credential Theft
A critical vulnerability in Microsoft SharePoint, identified as CVE-2025-53770 with a CVSS score of 9.8, is being actively exploited by Chinese hackers. The vulnerability allows unauthenticated remote access to exposed SharePoint servers, enabling attackers to steal authentication credentials. Only on-premises SharePoint servers managed internally by clients are affected; cloud-based SharePoint Online and Microsoft 365 are not.

Microsoft has released patching instructions, but applying the update alone is not sufficient to fully mitigate the vulnerability. Additional measures, such as network segmentation and enhanced monitoring, are recommended. The involvement of CISA underscores the severity of this threat and the need for immediate action by affected organizations.

Exploitation of this vulnerability poses significant risks, including potential supply chain attacks and compliance violations. Organizations are advised to apply the patch promptly, implement additional security controls, and monitor for signs of exploitation.