NG Solution Team
Technology

Is a zero-day vulnerability in Sitecore being exploited by attackers?

Attackers are exploiting a zero-day vulnerability, identified as CVE-2025-53690, in Sitecore solutions to breach internet-facing on-premises deployments. This vulnerability, a ViewState deserialization flaw, affects all versions of Sitecore Experience Manager, Experience Platform, Experience Commerce, and Managed Cloud. Systems using a sample machine key from older deployment instructions are particularly at risk. Exploiting this flaw can enable remote code execution on vulnerable instances. Mandiant’s responders intervened during an attack, which involved probing web servers and exploiting the /sitecore/blocked.aspx page to execute malicious ViewState requests. Once inside, attackers installed tools to gather and exfiltrate sensitive information, create administrator accounts, and perform extensive network reconnaissance. Mandiant has shared indicators of compromise and provided detection tools. Sitecore has updated its deployments to generate unique machine keys and has advised affected customers on protective measures. Organizations are urged to check for signs of compromise.

Related posts

Can GTE Challenge HyperLiquid with Its $15M Funding Boost?

James Smith

Has Lifeguard Secured $1.3 Million in Seed Funding?

James Smith

How is AI shaping the future of wealth management?

Jessica Williams

Leave a Comment

This website uses cookies to improve your experience. We assume you agree, but you can opt out if you wish. Accept More Info

Privacy & Cookies Policy