Advisory

Microsoft patches critical elevation of privilege flaw in SharePoint Online

Take action: You don't have to do anything about this flaw; it's already patched. But take note of it for vendor evaluation, risk assessment and security discipline.
Learn More

Microsoft reports that it has patched a critical vulnerability in SharePoint Online that allows remote attackers to execute arbitrary code.

The flaw is tracked as CVE-2025-59245 (CVSS score 9.8) and is caused by unsafe deserialization of data. The flaw affected the core functionality of Microsoft 365's SharePoint Online platform. Threat actors could gain elevated privileges on the platform, potentially achieving administrative control over SharePoint tenants.

According to Microsoft's official guidance, the vulnerability has been mitigated at the platform level, and no action from customers is needed. At the time of publication, there were no reports of active exploitation in the wild.

Even though the flaw is already patched, organizations should verify that administrative permissions are appropriately restricted and that logging is enabled, as a matter of good security hygiene.
