Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

Posted on By CWS

Microsoft on Wednesday knowledgeable organizations a few high-severity vulnerability affecting hybrid deployments of Change Server.

In accordance with Microsoft, the vulnerability, tracked as CVE-2025-53786, might be exploited by an attacker to escalate privileges.  

“In an Change hybrid deployment, an attacker who first positive factors administrative entry to an on-premises Change server may doubtlessly escalate privileges inside the group’s related cloud setting with out leaving simply detectable and auditable hint,” Microsoft defined. “This danger arises as a result of Change Server and Change On-line share the identical service principal in hybrid configurations.”

The problem, reported by Dirk-jan Mollema of Outsider Safety, has been patched in Change Server 2016, 2019 and Subscription Version RTM.

Microsoft’s advisory signifies that the vulnerability has not been exploited within the wild, however its exploitability evaluation is ‘exploitation extra probably’.

CISA has additionally revealed an alert for CVE-2025-53786, saying that, whereas Microsoft has not seen any in-the-wild assaults, organizations are strongly urged to implement patches and mitigations “or danger leaving the group susceptible to a hybrid cloud and on-premises whole area compromise”. 

Microsoft on Wednesday additionally revealed a weblog put up to remind prospects about just lately introduced modifications to Change hybrid environments.

“Beginning in August 2025, we are going to start briefly blocking Change Net Providers (EWS) visitors utilizing the Change On-line shared service principal (which is by default utilized by some coexistence options in hybrid situations),” the corporate defined. Commercial. Scroll to proceed studying.

It added, “This is part of a phased technique to hurry up buyer adoption of the devoted Change hybrid app and making our buyer’s environments safer.”

It’s not unusual for menace actors to focus on Change Server cases. CISA’s Identified Exploited Vulnerabilities catalog at the moment consists of 17 Change flaws exploited since 2018.

Associated: Microsoft Paid Out $17 Million in Bug Bounties in Previous 12 months

Associated: Development Micro Warns of Apex One Vulnerabilities Exploited in Wild

Associated: Flaws Expose 100 Dell Laptop computer Fashions to Implants, Home windows Login Bypass

Security Week News Tags:, , , , , ,

Related Posts

Critical cPanel Vulnerability Exploited for Months Critical cPanel Vulnerability Exploited for Months Security Week News
CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds Security Week News
Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors Security Week News
Romanian Hacker Admits to Selling Access to US State Network Romanian Hacker Admits to Selling Access to US State Network Security Week News
Stryker Discovers Malicious File in Iran-Linked Cyberattack Probe Stryker Discovers Malicious File in Iran-Linked Cyberattack Probe Security Week News
Why Scamming Can’t Be Stopped—But It Can Be Managed Why Scamming Can’t Be Stopped—But It Can Be Managed Security Week News