Emergency Security Alert: Urgent Action Required for Critical Microsoft Exchange Vulnerability

Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued urgent warnings about a critical vulnerability, tracked as CVE-2025-53786, affecting Microsoft Exchange hybrid deployments. This high-severity flaw allows attackers with administrative access to on-premises Exchange servers to escalate privileges in connected Microsoft 365 cloud environments, all without leaving detectable audit trails.

CISA has issued Emergency Directive 25-02, requiring all Federal Civilian Executive Branch agencies to implement mitigations by 9:00 AM EDT on Monday, August 11, 2025. The vulnerability, discovered by security researcher Dirk-Jan Mollema and demonstrated at Black Hat 2025, exploits the shared service principal between Exchange Server and Exchange Online in hybrid configurations.

According to The Shadowserver Foundation, over 28,000 unpatched Exchange servers remain exposed on the public internet. The vulnerability carries a CVSS score of 8.0 and could lead to total domain compromise. Microsoft plans to permanently block Exchange Web Services traffic that uses the shared service principal after October 31, 2025, as part of its transition to a more secure Graph API architecture.

Source: CISA News Alerts
