CVE-2025-47172: 
vulnerability analysis and mitigation

Microsoft SharePoint Server contains a critical remote code execution vulnerability (CVE-2025-47172) that was disclosed on June 10, 2025. The vulnerability is characterized as an improper neutralization of special elements used in an SQL command that affects Microsoft SharePoint Server, allowing an authorized attacker to execute code over a network (Wiz, NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with a vector string of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating network accessibility, low attack complexity, and requiring low privileges. The technical classification falls under CWE-89, which refers to Improper Neutralization of Special Elements used in an SQL Command (NVD, Wiz).

The vulnerability enables an attacker to execute arbitrary code on affected SharePoint servers with elevated privileges. Given the CVSS score of 8.8 and the critical rating, successful exploitation could lead to complete system compromise, potentially affecting the confidentiality, integrity, and availability of the SharePoint server (Wiz).

Microsoft has released a security update to address this vulnerability as part of the June 2025 Patch Tuesday updates. Organizations are advised to apply the security updates immediately to protect against potential exploitation. The update is available through Microsoft Update, Microsoft Update Catalog, and as a standalone package through the Microsoft Download Center (Microsoft Support).