PoC Week 2025-08-04

Posted on Aug 4, 2025

The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2025-53770

  • Severity: 9.8 CRITICAL
  • Impacted Products: Hosted Sharepoint Server
  • Description: Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation.
  • Remediation: Follow developer advice.
  • More Info: NVD - CVE-2025-53770
  • PoC: https://github.com/B1ack4sh/Blackash-CVE-2025-53770/

CVE-2025-6558

  • Severity: 8.8 HIGH
  • Impacted Products: Google Chrome prior to 138.0.7204.157
  • Description: Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
  • Remediation: Follow developer advice.
  • More Info: NVD - CVE-2025-6558
  • PoC: https://github.com/DevBuiHieu/CVE-2025-6558-Proof-Of-Concept

CVE-2025-20281

  • Severity: 10.0 CRITICAL
  • Impacted Products: Cisco ISE and Cisco ISE-PIC
  • Description: A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
  • Remediation: Follow developer advice.
  • More Info: NVD - CVE-2025-20281
  • PoC: https://github.com/abrewer251/CVE-2025-20281-2-Cisco-ISE-RCE

References

This list was scraped from the quite amazing and highly recommended newsletters below:

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.