Description
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

Federal Civilian Executive Branch (FCEB) agencies are being advised to update their instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-53690, carries a CVSS score of 9.0 out of a maximum of 10.0, indicating critical severity. "Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud contain a deserialization of untrusted data vulnerability involving the use of default machine keys," the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said. "This allows attackers to exploit exposed ASP.NET machine keys to achieve remote code execution." Google-owned Mandiant, which discovered the ViewState deserialization attack, said the activity leveraged a sample machine key that had been exposed in Sitecore deployment guides from 2017 and earlier. The threat intelligence team ...
https://thehackernews.com/2025/09/cisa-orders-immediate-patch-of-critical.html