Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

Posted on By CWS

Microsoft on Wednesday knowledgeable organizations a few high-severity vulnerability affecting hybrid deployments of Change Server.

In accordance with Microsoft, the vulnerability, tracked as CVE-2025-53786, might be exploited by an attacker to escalate privileges.  

“In an Change hybrid deployment, an attacker who first positive factors administrative entry to an on-premises Change server may doubtlessly escalate privileges inside the group’s related cloud setting with out leaving simply detectable and auditable hint,” Microsoft defined. “This danger arises as a result of Change Server and Change On-line share the identical service principal in hybrid configurations.”

The problem, reported by Dirk-jan Mollema of Outsider Safety, has been patched in Change Server 2016, 2019 and Subscription Version RTM.

Microsoft’s advisory signifies that the vulnerability has not been exploited within the wild, however its exploitability evaluation is ‘exploitation extra probably’.

CISA has additionally revealed an alert for CVE-2025-53786, saying that, whereas Microsoft has not seen any in-the-wild assaults, organizations are strongly urged to implement patches and mitigations “or danger leaving the group susceptible to a hybrid cloud and on-premises whole area compromise”. 

Microsoft on Wednesday additionally revealed a weblog put up to remind prospects about just lately introduced modifications to Change hybrid environments.

“Beginning in August 2025, we are going to start briefly blocking Change Net Providers (EWS) visitors utilizing the Change On-line shared service principal (which is by default utilized by some coexistence options in hybrid situations),” the corporate defined. Commercial. Scroll to proceed studying.

It added, “This is part of a phased technique to hurry up buyer adoption of the devoted Change hybrid app and making our buyer’s environments safer.”

It’s not unusual for menace actors to focus on Change Server cases. CISA’s Identified Exploited Vulnerabilities catalog at the moment consists of 17 Change flaws exploited since 2018.

Associated: Microsoft Paid Out $17 Million in Bug Bounties in Previous 12 months

Associated: Development Micro Warns of Apex One Vulnerabilities Exploited in Wild

Associated: Flaws Expose 100 Dell Laptop computer Fashions to Implants, Home windows Login Bypass

Security Week News Tags:, , , , , ,

Related Posts

Passkey Login Bypassed via WebAuthn Process Manipulation Passkey Login Bypassed via WebAuthn Process Manipulation Security Week News
Gene Sequencing Giant Illumina Settles for .8M Over Product Vulnerabilities Gene Sequencing Giant Illumina Settles for $9.8M Over Product Vulnerabilities Security Week News
Novee Emerges From Stealth With .5 Million in Funding Novee Emerges From Stealth With $51.5 Million in Funding Security Week News
Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC Security Week News
Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems Security Week News
US Charges Cambodian Executive in Massive Crypto Scam and Seizes More Than Billion in Bitcoin US Charges Cambodian Executive in Massive Crypto Scam and Seizes More Than $14 Billion in Bitcoin Security Week News