The Reveal Platform
Intel Name: Microsoft sharepoint vulnerabilities – cve-2025-49704 and cve-2025-49706
Date of Scan: July 21, 2025
Impact: High
Summary:
Active exploitation of Microsoft SharePoint vulnerabilities CVE-2025-49704 and CVE-2025-49706 has been observed. These flaws allow unauthenticated attackers to bypass restrictions and, when chained, can lead to arbitrary command execution on affected SharePoint Server 2016 and 2019 systems. Current attack activity includes: Deploying malicious ASPX payloads through PowerShell
Extracting machine keys for persistent access, Targeting organizations across the globe. The team urges immediate patching and adherence to Microsoft’s security guidance for these vulnerabilities. These are real-world, high-risk threats requiring urgent action.
