CVE-2022-38053
Published: 11 October 2022
Summary
CVE-2022-38053 is a high-severity an unspecified weakness vulnerability in Microsoft Sharepoint Enterprise Server. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 3.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Microsoft SharePoint Server is affected by CVE-2022-38053, a remote code execution vulnerability disclosed on 2022-10-11. The flaw carries a CVSS 3.1 base score of 8.8 with the vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating that an authenticated attacker can achieve full compromise of confidentiality, integrity, and availability over the network with low attack complexity.
An attacker who possesses low-privileged access to a SharePoint deployment can exploit the vulnerability to execute arbitrary code on the server without user interaction, resulting in complete takeover of the affected SharePoint instance and any data it processes.
Microsoft has published official guidance and patches for the issue through its Security Response Center at the referenced URLs, directing administrators to apply the relevant updates for supported SharePoint Server versions.
EPSS for the CVE rose from a low baseline to a peak of 0.5244 on 2025-12-11 before receding to the current value of 0.2852, indicating that exploitation interest increased well after initial disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-40659
Vulnerability details
Microsoft SharePoint Server Remote Code Execution Vulnerability
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.