Sitecore Zero-Day Sparks New Round of ViewState Threats

Sitecore's zero-day vulnerability (CVE-2025-53690) is being exploited via old machine keys; urgent security measures are advised to prevent attacks.
Content Team

A critical zero-day vulnerability in Sitecore (CVE-2025-53690) is being actively exploited by attackers using exposed machine keys from old documentation. The flaw affects Sitecore Experience Manager, Platform, and Commerce products through ViewState deserialization attacks.

Mandiant discovered attackers leveraging sample machine keys that Sitecore had included in deployment guides from 2017 and earlier to achieve remote code execution on affected servers. This continues a troubling trend of ViewState attacks in 2024, including breaches at ConnectWise and vulnerabilities in Microsoft SharePoint.

While these attacks appear unrelated, they highlight a persistent problem: organizations using default or sample keys instead of generating secure ones. Sitecore urges customers to rotate machine keys, encrypt web.config files, and monitor for suspicious activity targeting the /sitecore/blocked.aspx page.

Source: Dark Reading
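As an added defender-side example, not taken from the article or from Sitecore, the Python script below performs offline versions of the two checks the advice above implies: it audits the `<machineKey>` element of a web.config for keys copied from public documentation, weak algorithms and short keys (and recognises a section already encrypted with a configProtectionProvider), and it scans IIS W3C log lines for POST requests to /sitecore/blocked.aspx. The placeholder "documentation" keys, the key-length policy, the log lines and the assumption that this page should not normally receive POST requests are all constructed for the example; the real Sitecore sample keys are deliberately not reproduced.

```python
import re
import xml.etree.ElementTree as ET
from typing import Dict, List

# Constructed placeholders standing in for keys copied out of public deployment
# guides. Replace with the real values from your own key-hygiene list.
KNOWN_SAMPLE_KEYS = {
    "A" * 128,  # placeholder validationKey
    "B" * 64,   # placeholder decryptionKey
}

# Assumed local policy, not an ASP.NET requirement: 64-byte validation key,
# 32-byte decryption key, and no legacy algorithms.
MIN_VALIDATION_HEX = 128
MIN_DECRYPTION_HEX = 64
WEAK_VALIDATION = {"SHA1", "MD5"}
WEAK_DECRYPTION = {"DES", "3DES"}

HEX_RE = re.compile(r"[0-9A-Fa-f]+")


def audit_machine_key(web_config_xml: str) -> List[str]:
    """Return findings for the <machineKey> element of a web.config string."""
    root = ET.fromstring(web_config_xml)
    mk = next(root.iter("machineKey"), None)
    if mk is None:
        return ["INFO: no <machineKey> element; ASP.NET auto-generates per-machine keys"]
    provider = mk.get("configProtectionProvider")
    if provider:
        # aspnet_regiis -pe replaces the plaintext attributes with <EncryptedData>
        return [f"OK: machineKey section is encrypted ({provider}); inspect on the host"]

    findings: List[str] = []
    for attr, minimum in (("validationKey", MIN_VALIDATION_HEX),
                          ("decryptionKey", MIN_DECRYPTION_HEX)):
        value = mk.get(attr, "")
        if not value or value.startswith("AutoGenerate"):
            continue  # auto-generated keys are unique to the machine
        if value.upper() in KNOWN_SAMPLE_KEYS:
            findings.append(f"CRITICAL: {attr} matches a key published in documentation; rotate it")
        elif not HEX_RE.fullmatch(value):
            findings.append(f"WARN: {attr} is not a hex string")
        elif len(value) < minimum:
            findings.append(f"WARN: {attr} is {len(value)} hex chars; policy minimum is {minimum}")
    if mk.get("validation", "").upper() in WEAK_VALIDATION:
        findings.append(f"WARN: validation={mk.get('validation')!r} is legacy; prefer HMACSHA256 or stronger")
    if mk.get("decryption", "").upper() in WEAK_DECRYPTION:
        findings.append(f"WARN: decryption={mk.get('decryption')!r} is legacy; prefer AES")
    if not findings:
        findings.append("OK: machineKey uses unique keys of acceptable length")
    return findings


def find_blocked_aspx_posts(log_text: str) -> List[Dict[str, str]]:
    """Parse IIS W3C log text and return rows that POST to /sitecore/blocked.aspx."""
    fields: List[str] = []
    hits: List[Dict[str, str]] = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # directive names the columns that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        if (row.get("cs-method") == "POST"
                and row.get("cs-uri-stem", "").lower() == "/sitecore/blocked.aspx"):
            hits.append(row)
    return hits


# Constructed sample inputs for a stand-alone run.
SAMPLE_WEB_CONFIG = """<configuration>
  <system.web>
    <machineKey validationKey="{}" decryptionKey="{}" validation="SHA1" decryption="AES" />
  </system.web>
</configuration>""".format("A" * 128, "B" * 64)

SAMPLE_IIS_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status cs(User-Agent)
2025-09-04 10:15:01 203.0.113.7 GET /sitecore/login - 200 Mozilla/5.0
2025-09-04 10:15:09 203.0.113.7 POST /sitecore/blocked.aspx - 200 python-requests/2.31
2025-09-04 10:15:10 203.0.113.7 POST /sitecore/blocked.aspx - 500 python-requests/2.31
2025-09-04 10:16:00 198.51.100.4 GET /sitecore/blocked.aspx - 200 Mozilla/5.0
"""

if __name__ == "__main__":
    for finding in audit_machine_key(SAMPLE_WEB_CONFIG):
        print(finding)
    for hit in find_blocked_aspx_posts(SAMPLE_IIS_LOG):
        print("suspicious:", hit["c-ip"], hit["cs-method"], hit["cs-uri-stem"], hit["sc-status"])
```

Run against a real web.config, the script reports a CRITICAL finding whenever a key matches the deny-list you maintain, and an OK line when the section has already been encrypted so the keys cannot be read from the file at all. The log check is intentionally narrow (method plus path); in production you would feed it the full IIS log directory and correlate the source IPs with other activity.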
