BeyondMachines :verified:@beyondmachines1@infosec.exchange
CISA and Microsoft warn of an Exchange Server Hybrid flaw enabling attackers to compromise the Cloud instance
CISA and Microsoft are warning of a vulnerability (CVE-2025-53786) in Exchange Server hybrid deployments that allows authenticated attackers with administrative access to escalate privileges from on-premises Exchange servers to connected cloud environments.
If you run Exchange Server in hybrid mode with cloud services, plan an install Microsoft's April 2025 hotfix updates and follow their dedicated hybrid app configuration guidance. Yes, the exploit requires admin privileges on the on-prem server. Yes, someone will get those given enough time. So don't give them the time.
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/cisa-and-microsoft-warn-of-an-exchange-server-hybrid-flaw-enabling-attackers-to-compromise-the-cloud-instance-t-4-5-z-r/gD2P6Ple2L