CVE-2025-30384
published 2025-05-13CVE-2025-30384: Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_sharepoint_enterprise_server_2016 | >= 16.0.0 < 16.0.5500.1001 | 16.0.5500.1001 |
| microsoft | microsoft_sharepoint_server_2019 | >= 16.0.0 < 16.0.10417.20010 | 16.0.10417.20010 |
| microsoft | microsoft_sharepoint_server_subscription_edition | >= 16.0.0 < 16.0.18526.20286 | 16.0.18526.20286 |
| microsoft | sharepoint_server | < 16.0.18526.20286 | 16.0.18526.20286 |
| microsoft | sharepoint_server | — | — |
| microsoft | sharepoint_server | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2016 | — | — |
| msrc | microsoft_sharepoint_server_2019 | — | — |
| msrc | microsoft_sharepoint_server_subscription_edition | — | — |