CISA Issues Urgent Microsoft CVE-2025-53786 Security Warning
MICROSOFT EXCHANGE SERVER HYBRID DEPLOYMENTS, AUG 6 – The vulnerability allows attackers with on-premises administrative access to escalate privileges into connected cloud environments, risking total domain compromise, CISA said with a CVSS score of 8.0.
- On August 6, 2025, the Cybersecurity and Infrastructure Security Agency and Microsoft warned of a high-severity vulnerability, CVE-2025-53786, in Microsoft Exchange Server hybrid deployments that could allow attackers to pivot from on-premises servers to the cloud.
- Following Mollema’s presentation at Black Hat 2025, CISA issued its Wednesday evening alert about the high-severity Microsoft Exchange vulnerability.
- The vulnerability enables escalation of privileges within hybrid deployments, exploiting special access tokens that cannot be canceled once stolen, offering up to 24 hours of unchecked access, requiring administrative access on an Exchange Server.
- Under an emergency directive, CISA required federal agencies to assess their Exchange environments and disconnect end-of-life servers by 9 a.m. on Monday, Aug. 11.
- Starting this month, Microsoft will temporarily block Exchange Web Services traffic via the shared service principal, with a permanent block after October 31, 2025, and support ending October 14, 2025.
18 Articles
18 Articles
CISA directs agencies to mitigate ‘high-severity’ Microsoft vulnerability
The Cybersecurity and Infrastructure Security Agency is giving agencies through the weekend to patch a critical vulnerability in hybrid configurations of Microsoft’s widely used Exchange product. In an emergency directive issued early Thursday afternoon, CISA is giving agencies until 9 a.m. on Monday, Aug. 11, to mitigate the Microsoft Exchange vulnerability. “This vulnerability poses grave risk to all organizations operating Microsoft Exchange …
CISA, Microsoft warn organizations of high-severity Microsoft Exchange vulnerability
LAS VEGAS — Federal cyber authorities issued an alert Wednesday evening about a high-severity vulnerability affecting on-premises Microsoft Exchange servers shortly after a researcher presented findings of the defect at Black Hat. Microsoft also issued an advisory about the vulnerability — CVE-2025-53786 — and said it’s not aware of exploitation in the wild. While the public disclosure and advisories about the defect came late in the day amid …
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium