Remote Code Execution

CISA Orders Immediate Fix for Actively Exploited Sitecore ViewState Flaw (CVE-2025-53690)

Mandiant traced the intrusions to reused sample ASP.NET machine keys from older Sitecore deployment guides.