Blog Security Research Understand the SharePoint RCE: Exploitations, Detections, and Mitigations According to our data, more than 20% of observed environments are exposed to the SharePoint vulnerability. Executive summary \r\n On July 19, 2025, Microsoft disclosed CVE-2025–53770 , a critical vulnerability in the ToolPane.aspx component of on-premises Microsoft SharePoint Servers. This vulnerability can allow an unauthenticated attacker to achieve unauthenticated remote code execution (RCE) through improper filtering of HTTP request headers. \r\n \r\n According to our data, more than 20% of observed environments are exposed to the SharePoint vulnerability .  \r\n \r\n Akamai is a Microsoft Active Protections Program (MAPP) partner, which allows us to deploy expedited protections for customers.…