Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

Posted on By CWS

Microsoft on Wednesday knowledgeable organizations a few high-severity vulnerability affecting hybrid deployments of Change Server.

In accordance with Microsoft, the vulnerability, tracked as CVE-2025-53786, might be exploited by an attacker to escalate privileges.  

“In an Change hybrid deployment, an attacker who first positive factors administrative entry to an on-premises Change server may doubtlessly escalate privileges inside the group’s related cloud setting with out leaving simply detectable and auditable hint,” Microsoft defined. “This danger arises as a result of Change Server and Change On-line share the identical service principal in hybrid configurations.”

The problem, reported by Dirk-jan Mollema of Outsider Safety, has been patched in Change Server 2016, 2019 and Subscription Version RTM.

Microsoft’s advisory signifies that the vulnerability has not been exploited within the wild, however its exploitability evaluation is ‘exploitation extra probably’.

CISA has additionally revealed an alert for CVE-2025-53786, saying that, whereas Microsoft has not seen any in-the-wild assaults, organizations are strongly urged to implement patches and mitigations “or danger leaving the group susceptible to a hybrid cloud and on-premises whole area compromise”. 

Microsoft on Wednesday additionally revealed a weblog put up to remind prospects about just lately introduced modifications to Change hybrid environments.

“Beginning in August 2025, we are going to start briefly blocking Change Net Providers (EWS) visitors utilizing the Change On-line shared service principal (which is by default utilized by some coexistence options in hybrid situations),” the corporate defined. Commercial. Scroll to proceed studying.

It added, “This is part of a phased technique to hurry up buyer adoption of the devoted Change hybrid app and making our buyer’s environments safer.”

It’s not unusual for menace actors to focus on Change Server cases. CISA’s Identified Exploited Vulnerabilities catalog at the moment consists of 17 Change flaws exploited since 2018.

Associated: Microsoft Paid Out $17 Million in Bug Bounties in Previous 12 months

Associated: Development Micro Warns of Apex One Vulnerabilities Exploited in Wild

Associated: Flaws Expose 100 Dell Laptop computer Fashions to Implants, Home windows Login Bypass

Security Week News Tags:, , , , , ,

Related Posts

Critical Windows Server WSUS Vulnerability Exploited in the Wild  Critical Windows Server WSUS Vulnerability Exploited in the Wild  Security Week News
RADICL Secures M to Enhance AI-Driven Cybersecurity RADICL Secures $31M to Enhance AI-Driven Cybersecurity Security Week News
Pentagon’s AI Dispute with Anthropic Over Autonomy Pentagon’s AI Dispute with Anthropic Over Autonomy Security Week News
NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data Security Week News
Wynn Resorts Confirms Data Breach Amid Cybersecurity Concerns Wynn Resorts Confirms Data Breach Amid Cybersecurity Concerns Security Week News
Two Scattered Spider Suspects Arrested in UK; One Charged in US Two Scattered Spider Suspects Arrested in UK; One Charged in US Security Week News