THREAT OPS › CVEs › CVE-2025-49706
CVE-2025-49706 — Microsoft SharePoint Improper Authentication Vulnerability
Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow an attacker to view sensitive information and make some changes to disclosed information. This vulnerability could be chained with CVE-2025-49704. CVE-2025-53771 is a patch bypass for CVE-2025-49706, and the updates for CVE-2025-53771 include more robust protection than those for CVE-2025-49706.
Vulnerability details
- Affected productsSharePoint
- KEV remediation due2025-07-23