PT-2025-28603 · Microsoft · Office SharePoint

Published 2025-07-08 · Updated 2025-07-22 · CVE-2025-49706

CVSS v2.0: 7.5

Vector: AV:N/AC:L/Au:S/C:C/I:P/A:N

**Name of the Vulnerable Software and Affected Versions:**

Microsoft SharePoint Server (affected versions not specified)

Microsoft SharePoint Server Subscription Edition (affected versions not specified)

Microsoft SharePoint Foundation (affected versions not specified)

**Description:**

The issue involves improper authentication in Microsoft Office SharePoint, allowing an authorized attacker to perform spoofing over a network. The vulnerability enables attackers to bypass authentication on affected installations, potentially gaining unauthorized access to the system. Reports indicate a global cyberattack exploiting this vulnerability, compromising over 85 servers by July 20, 2025, utilizing malicious web shells and stolen `MachineKey` configurations for persistent access. The vulnerability is also referred to as a “ToolPane Authentication Bypass” and allows attackers to affect the system through data spoofing. Some reports suggest user interaction may be required for exploitation.

**Recommendations:**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Weakness Enumeration:**

Improper Authentication

**Related Identifiers:**

BDU:2025-08524

CVE-2025-49706

ZDI-25-580

**Affected Products:**

Office SharePoint

SharePoint Server