WAF - WAF Release - 2025-07-21 - Emergency
11mo ago
Source
CloudflareWAF - WAF Release - 2025-07-21 - Emergencycloudflare.comThis week's update highlights several high-impact vulnerabilities affecting Microsoft SharePoint Server. These flaws, involving unsafe deserialization, allow unauthenticated remote code execution over the network, posing a critical threat to enterprise environments relying on SharePoint for collaboration and document management. Key Findings Microsoft SharePoint Server (CVE-2025-53770): A critical vulnerability involving unsafe deserialization of untrusted data, enabling unauthenticated remote code execution over the network. This flaw allows attackers to execute arbitrary code on vulnerable SharePoint servers without user interaction. Microsoft SharePoint Server (CVE-2025-53771): A closely related deserialization issue that can be exploited by unauthenticated attackers, potentially leading to full system compromise. The vulnerability highlights continued risks around insecure serialization logic in enterprise collaboration platforms. Impact Together, these vulnerabilities significantly weaken the security posture of on-premise Microsoft SharePoint Server deployments. By enabling remote code execution without authentication, they open the door for attackers to gain persistent access, deploy malware, and move laterally across enterprise environments. Ruleset Rule ID Legacy Rule ID Description Previous Action New Action Comments Cloudflare Managed Ruleset 34dac2b38b904163bc587cc32168f6f0 100817 Microsoft SharePoint - Deserialization - CVE:CVE-2025-53770 N/A Block This is a New Detection Cloudflare Managed Ruleset d21f327516a145bc9d1b05678de656c4 100818 Microsoft SharePoint - Deserialization - CVE:CVE-2025-53771 N/A Block This is a New Detection For more details, also refer to our blog .
You might also wanna read
Microsoft releases critical security patch for SharePoint deserialization vulnerability
Microsoft has released May updates for SharePoint servers that patch a highly critical security vulnerability (CVE-2026-45659, CVSS 8.8). Th
Microsoft patches high-severity SharePoint RCE vulnerability CVE-2026-45659
Microsoft has patched a high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint that affects SharePoint Server Subs
CISA adds actively exploited SharePoint RCE flaw to KEV catalog after Microsoft downplayed risk
CISA has added CVE-2026-45659, a remote code execution vulnerability in on-premises Microsoft SharePoint Server, to its Known Exploited Vuln
CISA adds actively exploited SharePoint RCE flaw to KEV catalog after Microsoft downplayed risk
CISA has added CVE-2026-45659, a remote code execution vulnerability in on-premises Microsoft SharePoint Server, to its Known Exploited Vuln
CISA adds actively exploited SharePoint RCE flaw to KEV catalog after Microsoft downplayed risk
CISA has added CVE-2026-45659, a remote code execution vulnerability in on-premises Microsoft SharePoint Server, to its Known Exploited Vuln
SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
thehackernews.com·2d ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.