CVE-2025-30384: 
vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2025-30384) was identified in Microsoft Office SharePoint, disclosed on May 13, 2025, as part of Microsoft's May 2025 Patch Tuesday updates. The vulnerability involves deserialization of untrusted data in Microsoft Office SharePoint that allows an unauthorized attacker to execute code locally (Wiz Report, NVD).

The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) and has been assigned a CVSS v3.1 base score of 7.4 (HIGH) with the vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. This indicates that while the attack requires local access and high complexity, it requires no privileges or user interaction and can result in high impacts to confidentiality, integrity, and availability (NVD).

If successfully exploited, this vulnerability allows an unauthorized attacker to execute code locally on affected SharePoint systems. The high CVSS score indicates potential severe impacts to system confidentiality, integrity, and availability (Wiz Report).

Microsoft has released security updates to address this vulnerability as part of their May 2025 Patch Tuesday updates. Organizations are advised to apply the relevant security updates (build 16.0.10417.20010) to affected SharePoint installations. The update is available through Microsoft Update, Microsoft Update Catalog, and Microsoft Download Center (Microsoft Support).