
A newly disclosed vulnerability in Microsoft Exchange Server hybrid deployments lets an attacker who already holds administrative access on-premises extend that access into the organisation's Exchange Online tenant.

A critical security vulnerability in Microsoft Exchange Server hybrid deployments has been disclosed. It allows an attacker with on-premises administrative access to escalate privileges into the connected cloud environment while leaving few easily detectable traces. The vulnerability, tracked as CVE-2025-53786, was documented by Microsoft on August 6, 2025, following a demonstration by security researcher Dirk-Jan Mollema at the Black Hat security conference. The issue stems from the Exchange hybrid architecture, which historically relied on a single shared service principal for authentication between on-premises Exchange servers and Exchange Online: because both sides authenticate as the same identity, tokens minted on-premises are accepted in the cloud, and the cloud has no reliable way to tell them apart from legitimate service traffic. Mollema walked through the exploitation in detail, showing how an attacker could change user passwords, convert cloud-only users into hybrid users, and impersonate hybrid users. He noted that the access tokens involved are valid for 24 hours and cannot be revoked, so an organisation has no way to cut off the access for the remainder of that window.

The Cybersecurity and Infrastructure Security Agency (CISA) has classified the vulnerability as high-severity, underlining its implications for enterprise security. CISA's alert states that the flaw allows a cyber threat actor with administrative access to an on-premises Microsoft Exchange server to escalate privileges by exploiting vulnerable hybrid-joined configurations, and that, if left unaddressed, it could severely compromise the identity integrity of an organisation's Exchange Online service. Microsoft had already begun addressing the problem with security changes announced on April 18, 2025, published as guidance on Exchange Server Security Changes for Hybrid Deployments. Those changes were initially presented as hardening; Microsoft subsequently determined that they in fact mitigate a genuine security vulnerability, which led to the formal assignment of CVE-2025-53786. The April guidance introduced a transition from the shared service principal to a dedicated Exchange hybrid application, restoring a security boundary between on-premises and cloud identities that the shared model had erased.
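The practical question for an administrator is whether a tenant still depends on the shared model. The following read-only audit, added here as an illustration and not Microsoft's own ConfigureExchangeHybridApplication.ps1 script or any part of the original article, uses the Microsoft Graph PowerShell SDK to report two things: whether the first-party "Office 365 Exchange Online" service principal (well-known application ID 00000002-0000-0ff1-ce00-000000000000) still carries certificate credentials, which is what the legacy shared configuration placed there, and whether a dedicated hybrid application is registered. The display-name pattern used to find the dedicated application is an assumption and should be adjusted to the name actually used in your tenant.

```powershell
# Added audit example; not Microsoft's ConfigureExchangeHybridApplication.ps1.
# Read-only: it reports on the tenant's hybrid authentication setup and
# changes nothing. Requires the Microsoft.Graph PowerShell SDK and an
# identity permitted to read application objects.
#Requires -Modules Microsoft.Graph.Authentication, Microsoft.Graph.Applications

# Well-known application ID of the first-party "Office 365 Exchange Online"
# service principal that the legacy hybrid configuration shares with on-prem.
$ExchangeOnlineAppId = '00000002-0000-0ff1-ce00-000000000000'

# ASSUMPTION: the dedicated hybrid app registration is located by display
# name. Replace with the exact name used in your tenant.
$DedicatedAppNamePattern = '*Exchange*Hybrid*'

Connect-MgGraph -Scopes 'Application.Read.All'

# 1. Does the shared first-party service principal still carry certificate
#    credentials? Each entry is a certificate with which an on-premises
#    Exchange server can authenticate as Exchange Online itself.
$sp = Get-MgServicePrincipal -Filter "appId eq '$ExchangeOnlineAppId'"
if (-not $sp) {
    Write-Warning 'Exchange Online service principal not found in this tenant.'
    Disconnect-MgGraph | Out-Null
    return
}

$keyCreds = @($sp.KeyCredentials)
if ($keyCreds.Count -eq 0) {
    Write-Host 'OK: no keyCredentials on the shared Exchange Online service principal.'
}
else {
    Write-Warning ('Shared service principal still has {0} certificate credential(s):' -f $keyCreds.Count)
    $keyCreds |
        Select-Object DisplayName, KeyId, Usage, StartDateTime, EndDateTime |
        Format-Table -AutoSize
}

# 2. Is a dedicated Exchange hybrid application registered?
$dedicated = Get-MgApplication -All |
    Where-Object { $_.DisplayName -like $DedicatedAppNamePattern }

if ($dedicated) {
    Write-Host 'Dedicated hybrid application(s) found:'
    $dedicated |
        Select-Object DisplayName, AppId, CreatedDateTime |
        Format-Table -AutoSize
}
else {
    Write-Warning ("No application matching '{0}' found; hybrid may still rely on the shared service principal." -f $DedicatedAppNamePattern)
}

Disconnect-MgGraph | Out-Null
```

Treat a non-empty keyCredentials list on the shared service principal as the finding to act on, but do not clear those credentials from this script: removing them before the dedicated hybrid application is fully configured breaks hybrid features such as free/busy sharing. Follow Microsoft's published transition and clean-up guidance for the actual change, and re-run the audit afterwards to confirm the shared credentials are gone.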
