KB-2344 Information about the Microsoft SharePoint Server Vulnerability (CVE-2025-53770 and CVE-2025-53771)https://community.appian.com/support/w/kb/3691/kb-2344-information-about-the-microsoft-sharepoint-server-vulnerability-cve-2025-53770-and-cve-2025-53771en-USTelligent Community 12KB-2344 Information about the Microsoft SharePoint Server Vulnerability (CVE-2025-53770 and CVE-2025-53771)https://community.appian.com/support/w/kb/3691/kb-2344-information-about-the-microsoft-sharepoint-server-vulnerability-cve-2025-53770-and-cve-2025-53771Thu, 24 Jul 2025 16:25:56 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:0b9a1737-2a56-4822-bc04-54e6200e606fpauline.delacruzhttps://community.appian.com/support/w/kb/3691/kb-2344-information-about-the-microsoft-sharepoint-server-vulnerability-cve-2025-53770-and-cve-2025-53771#commentsCurrent Revision posted to Appian Knowledge Base by pauline.delacruz on 7/24/2025 4:25:56 PM<br /> <p><span style="font-weight:400;">On 19-Jul-2025, Microsoft announced active exploitation of two vulnerabilities against its on-premise Microsoft SharePoint Server software.&nbsp;</span></p> <p><span style="font-weight:400;">Appian does not use on-premise Microsoft SharePoint software and is not impacted by any related CVEs. We will continue to monitor the situation and provide any updates as appropriate.</span></p> <h2><span style="font-weight:400;">Additional Notes:</span></h2> <p><span style="font-weight:400;">The following CVEs were released with additional information on the scope of the vulnerability:</span></p> <ul> <li style="font-weight:400;"><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-53770"><span style="font-weight:400;">CVE-2025-53770</span></a><span style="font-weight:400;"> - (&ldquo;Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network.&rdquo;)</span></li> <li style="font-weight:400;"><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-53771"><span style="font-weight:400;">CVE-2025-53771</span></a><span style="font-weight:400;"> - (&ldquo;Improper limitation of a pathname to a restricted directory (&#39;path traversal&#39;) in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.&rdquo;)</span></li> </ul> <p><span style="font-weight:400;">Supporting Documentation:</span></p> <ul> <li style="font-weight:400;"><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-53770"><span style="font-weight:400;">https://nvd.nist.gov/vuln/detail/CVE-2025-53770</span></a></li> <li style="font-weight:400;"><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-53771"><span style="font-weight:400;">https://nvd.nist.gov/vuln/detail/CVE-2025-53771</span></a></li> <li style="font-weight:400;"><a href="https://unit42.paloaltonetworks.com/microsoft-sharepoint-cve-2025-49704-cve-2025-49706-cve-2025-53770/"><span style="font-weight:400;">https://unit42.paloaltonetworks.com/microsoft-sharepoint-cve-2025-49704-cve-2025-49706-cve-2025-53770/</span><span style="font-weight:400;"><br /><br /></span></a></li> </ul> <h2><span style="font-weight:400;">Affected Versions</span></h2> <p><span style="font-weight:400;">This article applies to all supported versions of Appian.</span></p> <p><span style="font-weight:400;">Last reviewed: </span><span style="font-weight:400;">July 22, 2025</span></p><div style="clear:both;"></div>