Solutions
Solutions
All in one solution
Overview
Managed XDR
Keep my IT safe 24/7
24/7 Incident Response
Restore business operations
Security Awareness
Improve security culture
Cyber Insurance
Ensure business continuity
Integrations
Technology partners
Industry
All sectors
Logistics
Manufacturing
Professional services
Healthcare
Partners
Partner Network
For Brokers & Risk Advisors
Lower your clients' cyber risk.
For Managed Service Providers (MSP)
Expand your offer with cybersecurity.
Case studies
Customer protection
Jan de Rijk
Logistics
Avi Medical
Healthcare
KeyTec Netherlands
Manufacturing
Van der Most Transport
Logistics
Signature Foods
Manufacturing
KlaassenGroep
Construction
GOED Belgium
Healthcare
Zimmer Group
Manufacturing
Plans
Resources
Resources
Blogs
News from the front lines
Resource library
Guides and brochures
Free Anti-spoofing Tool
Sign up to get started
Knowledge Base
Customer login
Eye Research
Tech blog and real-world incidents
NIS2 Resource Hub
Your easy guide to NIS2
Glossary of Terms
A glossary of cybersecurity terms
Learning Hub
Understand the building blocks
Company
About
News
Careers
Contact
Press
en
Talk to us
Take a tour
Solutions
Back
Solutions
All in one solution
Managed XDR
24/7 Incident Response
Security Awareness
Cyber Insurance
Integrations
Industry
All sectors
Logistics
Manufacturing
Professional services
Healthcare
Partners
Back
Partner Network
For Brokers & Risk Advisors
For Managed Service Providers (MSP)
Case studies
Back
Customer protection
Jan de Rijk
Avi Medical
KeyTec Netherlands
Van der Most Transport
Signature Foods
KlaassenGroep
GOED Belgium
Zimmer Group
Plans
Resources
Back
Resources
Blogs
Resource library
Free Anti-spoofing Tool
Knowledge Base
Eye Research
NIS2 Resource Hub
Glossary of Terms
Learning Hub
Company
About
News
Careers
Contact
Press
en
Book a demo
Incident Hotline
Return to overview
0 min read

Eye Security Uncovers Actively Exploited Zero-Day in Microsoft SharePoint (CVE-2025-53770)

0 min read
July 21, 2025
By: Eye Security
SharePoint under siege
By: Eye Security
21 July 2025

On the evening of July 18, 2025, Eye Security identified active, large-scale exploitation of a new SharePoint remote code execution (RCE) vulnerability chain, dubbed ToolShell. This exploit is being used in the wild to compromise on-premise SharePoint servers across the world. The new chain we elaborate in this blog, was later named CVE-2025-53770 by Microsoft, as it is a variant of CVE-2025-49706.

Please find more details on our Tech Blog that's actively being maintained by our Research Team:

https://research.eye.security/sharepoint-under-siege/

Let's talk

Curious to know how we can help?
Get in touch
GET IN TOUCH
Share this article.

Related articles.