Microsoft has issued out-of-band security updates to rectify two vulnerabilities impacting on-premises installations of Microsoft SharePoint Server—one categorised as critical (CVE-2025-53770) and the other as medium severity (CVE-2025-53771). Both vulnerabilities have been observed as actively exploited in the wild.
The critical flaw, CVE-2025-53770, has been rated with a CVSSv3 score of 9.8 and involves the deserialisation of untrusted data. If successfully exploited, it could allow a remote attacker—without the need for authentication—to execute arbitrary code on a vulnerable SharePoint Server. This update offers a partial resolution for CVE-2025-49704, which was addressed in Microsoft’s scheduled security release for July 2025.
The second issue, CVE-2025-53771, is rated with a CVSSv3 score of 6.3 and relates to path traversal, improper neutralisation, and insufficient input validation. Exploiting this vulnerability requires authentication and may enable an attacker to spoof identities or access sensitive content, including session tokens and server-stored files. This patch contributes to a partial fix for CVE-2025-49706, also included in the July 2025 update.
It is important to note that SharePoint Server 2010 and SharePoint Server 2013 are no longer supported and do not receive security patches. Organisations still relying on these versions are strongly advised to migrate to a supported release of SharePoint Server to maintain security compliance.
CrushFTP has confirmed the existence of a critical zero-day vulnerability, tracked as CVE-2025-54309, which has been actively exploited in the wild since 18 July 2025. The flaw affects its proprietary, multi-protocol, cross-platform file transfer server and carries a CVSSv3 score of 9.0.
Successful exploitation could allow a remote attacker to gain administrative access via HTTPS, posing a significant security risk.
However, the vulnerability is not exploitable in environments where the demilitarised zone (DMZ) function of CrushFTP has been properly configured, offering protection against this threat.
Mitel has issued security alerts regarding vulnerabilities discovered in its cloud-based communication platforms, MiVoice MX-ONE and MiCollab, which are used for managing enterprise communications.
One critical flaw, currently without a CVE identifier at the time of this alert’s publication, impacts MiVoice MX-ONE. This vulnerability involves an authentication bypass and has been assigned a CVSS v3 score of 9.4. If exploited, it could enable a remote, unauthenticated attacker to gain unauthorised access to user or administrator accounts.
Additionally, a high-severity vulnerability identified as CVE-2025-52914 affects MiCollab. This issue is a SQL injection flaw with a CVSS v3 score of 8.8. An attacker with valid credentials could exploit it to access provisioning data and run unauthorized SQL commands on the database.
Recommended Action
Organisations are encouraged to review the appropriate security advisory pages and apply the updates:
Microsoft – ...CVE-2025-53770
CrushFTP – Update
Mitel – Security Advisories
If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.