{"id":10461,"date":"2025-07-21T12:34:41","date_gmt":"2025-07-21T05:34:41","guid":{"rendered":"https:\/\/infosec.new88088.net\/?p=10461"},"modified":"2026-02-05T12:34:48","modified_gmt":"2026-02-05T05:34:48","slug":"sharepoint-server-dinh-lo-hong-zero-day-hang-loat-he-thong-bi-hacker-kiem-soat-tu-xa","status":"publish","type":"post","link":"https:\/\/infosec.new88088.net\/2025\/07\/21\/sharepoint-server-dinh-lo-hong-zero-day-hang-loat-he-thong-bi-hacker-kiem-soat-tu-xa\/","title":{"rendered":"SharePoint Server d\u00ednh l\u1ed7 h\u1ed5ng Zero-day, h\u00e0ng lo\u1ea1t h\u1ec7 th\u1ed1ng b\u1ecb hacker ki\u1ec3m so\u00e1t t\u1eeb xa"},"content":{"rendered":"
M\u1ed9t l\u1ed7 h\u1ed5ng zero-day (CVE-2025-53770) v\u1eeba \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n trong Microsoft SharePoint Server. L\u1ed7 h\u1ed5ng n\u00e0y \u0111ang b\u1ecb khai th\u00e1c quy m\u00f4 l\u1edbn ngo\u00e0i th\u1ef1c t\u1ebf, \u1ea3nh h\u01b0\u1edfng t\u1edbi h\u00e0ng ch\u1ee5c t\u1ed5 ch\u1ee9c, bao g\u1ed3m c\u1ea3 c\u00e1c c\u00f4ng ty \u0111a qu\u1ed1c gia v\u00e0 c\u01a1 quan ch\u00ednh ph\u1ee7. \u0110\u00e2y l\u00e0 m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng c\u00f3 t\u00ednh k\u1ef9 thu\u1eadt cao, kh\u00f3 ph\u00e1t hi\u1ec7n v\u00e0 c\u00f3 th\u1ec3 g\u00e2y ra h\u1eadu qu\u1ea3 nghi\u00eam tr\u1ecdng n\u1ebfu kh\u00f4ng \u0111\u01b0\u1ee3c x\u1eed l\u00fd k\u1ecbp th\u1eddi. <\/b>
\n\u200b<\/div>\n
\n
\"1753087329043.png\"<\/div>\n<\/div>\n
\nL\u1ed7 h\u1ed5ng CVE-2025-53770 l\u00e0 m\u1ed9t bi\u1ebfn th\u1ec3 n\u00e2ng c\u1ea5p c\u1ee7a l\u1ed7 h\u1ed5ng CVE-2025-49704 (t\u1eebng \u0111\u01b0\u1ee3c Microsoft v\u00e1 h\u1ed3i \u0111\u1ea7u th\u00e1ng 7). Tuy nhi\u00ean, b\u1ea3n v\u00e1 tr\u01b0\u1edbc \u0111\u00f3 ch\u01b0a tri\u1ec7t \u0111\u1ec3 v\u00e0 \u0111\u00e3 b\u1ecb c\u00e1c nh\u00f3m tin t\u1eb7c t\u00ecm ra c\u00e1ch v\u01b0\u1ee3t qua.<\/p>\n

CVE-2025-53770 khai th\u00e1c m\u1ed9t l\u1ed7i trong qu\u00e1 tr\u00ecnh “deserialization”, khi SharePoint x\u1eed l\u00fd d\u1eef li\u1ec7u \u0111\u1ea7u v\u00e0o t\u1eeb b\u00ean ngo\u00e0i m\u00e0 kh\u00f4ng x\u00e1c th\u1ef1c \u0111\u1ea7y \u0111\u1ee7. \u0110i\u1ec1u n\u00e0y cho ph\u00e9p hacker th\u1ef1c thi m\u00e3 l\u1ec7nh t\u00f9y \u00fd t\u1eeb xa m\u00e0 kh\u00f4ng c\u1ea7n \u0111\u0103ng nh\u1eadp (unauthenticated RCE).<\/p>\n

C\u00f4ng ty c\u0169ng ti\u1ebft l\u1ed9 m\u1ed9t l\u1ed7 h\u1ed5ng n\u1eefa l\u00e0 CVE-2025-53771 m\u00e0 h\u1ecd cho bi\u1ebft c\u00f3 nhi\u1ec1u bi\u1ec7n ph\u00e1p b\u1ea3o v\u1ec7 h\u01a1n so v\u1edbi CVE-2025-49706. \u0110i\u1ec1u n\u00e0y cho th\u1ea5y c\u00f3 hai l\u1ed7 h\u1ed5ng zero-day m\u1edbi, c\u1ea3 hai \u0111\u1ec1u l\u00e0 l\u1ed7 h\u1ed5ng v\u01b0\u1ee3t qua c\u00e1c b\u1ea3n s\u1eeda l\u1ed7i ban \u0111\u1ea7u c\u1ee7a Microsoft v\u00e0o \u0111\u1ea7u th\u00e1ng n\u00e0y.<\/p>\n

Qu\u00e1 tr\u00ecnh t\u1ea5n c\u00f4ng \u0111i theo h\u01b0\u1edbng c\u1ef1c k\u1ef3 tinh vi:\u200b<\/p><\/div>\n