Microsoft has issued a notification concerning a significant security vulnerability impacting on-premise iterations of Exchange Server that might permit an attacker to obtain elevated permissions under specific circumstances.
The flaw, identified as CVE-2025-53786, has a CVSS rating of 8.0. Dirk-jan Mollema from Outsider Security has been recognized for bringing attention to this issue.
“In the context of an Exchange hybrid setup, an