AI description
CVE-2025-53786 is a vulnerability in Microsoft Exchange Server hybrid deployments. It allows an attacker with administrative access to an on-premises Exchange server to escalate privileges within the connected cloud environment. This can be achieved without leaving easily detectable traces. The vulnerability stems from the shared service principal used between on-premises Exchange servers and Exchange Online for authentication. By exploiting this, attackers can modify user passwords, convert cloud users to hybrid users, and impersonate hybrid users, gaining unchecked access for up to 24 hours. Microsoft recommends installing the April 2025 (or later) Hot Fix and implementing the changes in your Exchange Server and hybrid environment.
- Description: On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation, Microsoft identified specific security implications tied to the guidance and configuration steps outlined in the April announcement. Microsoft is issuing CVE-2025-53786 to document a vulnerability that is addressed by taking the steps documented with the April 18th announcement. Microsoft strongly recommends reading the information, installing the April 2025 (or later) Hot Fix and implementing the changes in your Exchange Server and hybrid environment.
- Source: secure@microsoft.com
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Primary
- Base score: 8
- Impact score: 6
- Exploitability score: 1.3
- Vector string: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity: HIGH
- secure@microsoft.com: CWE-287
- Hype score: Not currently trending
"CVE-2025-53786 – Anatomy of a silent privilege escalation in Microsoft Exchange hybrid environments" https://t.co/RZg475MeTA https://t.co/WzNwVnAXtg
@DerechodelaRed
13 Sept 2025
1775 Impressions
6 Retweets
14 Likes
2 Bookmarks
1 Reply
1 Quote
⚖️ PATCH ALERT: Microsoft Fixes 100+ Flaws 🛡️💻 • Critical threats: 🔑 CVE-2025-53779 → Kerberos “BadSuccessor” path traversal 📩 CVE-2025-53786 → Exchange hybrid privilege escalation ➕ NTLM & GDI+/Word RCEs • Impact: Windows domains, hybrid Ex
@Newtalics
26 Aug 2025
140 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE ALERT: Critical Microsoft Flaws ⚠️ • CVE-2025-53786 → Exchange hybrid EoP bug giving on-prem → Exchange Online admin (CISA issued emergency directive) 📩 • Kerberos (53779 zero-day) + NTLM (53778 EoP) → now patched 🔒 • Multiple RCE flaws in Office
@Newtalics
25 Aug 2025
76 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Security Alert: Microsoft warns of CVE-2025-53786—a hybrid Exchange vulnerability allowing privilege escalation to Exchange Online. No attacks seen, but action is needed. Protect your environment: install the April 2025 Hotfix and Hybrid Application. 👉https://t.co/0jfX
@Helient
22 Aug 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
week ago CISA issued an advisory on post-authentication vulnerability (CVE-2025-53786) in Microsoft Exchange hybrid-joined configurations that allows an attacker to move laterally from on-premises Exchange to the M365 cloud environment. https://t.co/VVKOxh1FiM
@CYPHERHACKER80
20 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SMB Alert: If you’re on hybrid Microsoft Exchange, this is your wake-up call. CVE-2025-53786 allows attackers with on-prem admin access to infiltrate your cloud. Over 29K servers remain unpatched. https://t.co/AI8yXmwuVX #Cybersecurity #SMB #MicrosoftExchange
@onestepsecureit
18 Aug 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A week ago CISA issued an advisory on post-authentication vulnerability (CVE-2025-53786) in Microsoft Exchange hybrid-joined configurations that allows an attacker to move laterally from on-premises Exchange to the M365 cloud environment. This vulnerability poses grave risk to ht
@0x534c
17 Aug 2025
868 Impressions
3 Retweets
14 Likes
9 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL Exchange CVE (CVE-2025-53786) 🚨 Post-auth EoP lets on-prem admins pivot straight into Exchange Online 😱 💥 Impact: Exchange 2016/2019/SE (hybrid) — ~29K servers still exposed 🛠 Fix: Install Apr 2025+ updates ➡ switch to Exchange Hybrid app ➡ rese
@Newtalics
15 Aug 2025
38 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡 #Microsoft Patch Tuesday: 111 vulnerabilities fixed. ⚠ Zero-day in #Windows Kerberos (CVE-2025-53779) ⚠ Critical flaw in hybrid #Exchange (CVE-2025-53786) 💡 Update immediately and protect your network. #Ciberseguridad #Compunet https://t.co/aHmaz9dSWf
@CompunetChile
14 Aug 2025
51 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability https://t.co/BUxK5a9Rnj https://t.co/HH4s1Tyjnr
@IT_Peurico
14 Aug 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔔 Important Warning: Elevation of Privilege vulnerability (CVE-2025-53786) detected in Exchange Server. Update patches promptly to protect your email systems. 🔧 #Cybersecurity #ExchangeServer #PatchManagement https://t.co/hvhjEull1c
@CyberWolfGuard
13 Aug 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
With new measures from CISA and Microsoft, organizations must be on high alert because of the CVE-2025-53786 vulnerability in Exchange Server. Although there is no evidence of the vulnerability being exploited
@Cybereayn
13 Aug 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
29,000 Exchange Servers at Risk — Patch Now! Over 29,000 Microsoft Exchange servers remain unpatched against a high-severity flaw (CVE-2025-53786) allowing attackers with admin access to escalate privileges across cloud environments — often without detection. Affected: Exch
@ChbibAnas
13 Aug 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fun fact: CVE-2025-53786 lets attackers escalate from on-prem Exchange to cloud without audit trails because hybrid deployments share the same service principal. Translation: Your cloud logs won’t show the compromise path. Your SIEM will be blind to the lateral movement.
@agentbountyai
13 Aug 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-53786 Alert 🚨 @CISAgov warns of a high-severity flaw in Microsoft Exchange hybrid setups. Attackers with on-prem admin access could escalate into Exchange Online → total domain compromise. 📌 Patch + audit NOW: - Inventory servers - Apply April 2025 Hotfix
@TechNadu
13 Aug 2025
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CRITICAL: Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Exchange Hybrid Deployments! The Cybersecurity and Infrastructure Security Agency (CISA) issues an Emergency Directive (ED 25-02), as exploitation could lead to complete identity takeover. h
@REFUND_BOARD
13 Aug 2025
47 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
#Breaking: @CISACyber: @Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments https://t.co/P9oDW79Uq8
@RWNews247WP
13 Aug 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
August #PatchTuesday overview: 🔹 CVE-2025-53767: 10.0 CVSS Azure OpenAI SSRF flaw, cloud takeover risk 🔹 CVE-2025-53786: Exchange hybrid bug, 29K+ servers exposed 🔹 Critical vulnerabilities in Azure, Windows GDI+, RRAS Full report: https://t.co/mNanBiFxyr
@feedly
12 Aug 2025
183 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
29,000+ Unpatched Exchange Servers at Risk from Critical Flaw https://t.co/lm8dviEq4e #cve-2025-53786 #UnpatchedServersRisk
@wizconsults
12 Aug 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
DHS CISA ALERT Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments https://t.co/QpcfAERmOC
@smgihl
12 Aug 2025
4 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
By @UsamaJawad96 - Microsoft has released August 2025 Security Updates (SUs) for Exchange Server deployments, containing fixes for the recent, high-severity CVE-2025-53786 flaw. #Microsoft #ExchangeServer https://t.co/Dr6EcLSO0p
@NeowinFeed
12 Aug 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
MDVM Guidance for CVE-2025-53786: Exchange Hybrid Privilege Escalation https://t.co/EkG28llly8 #patchmanagement
@eyalestrin
12 Aug 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ 29,000 Exchange servers remain exposed to a critical flaw The CVE-2025-53786 vulnerability in hybrid Microsoft Exchange is wreaking havoc. This flaw allows attackers with local administrative access to escalate privileges in Microsoft 365. And how? Through the
@CycuraMX
12 Aug 2025
128 Impressions
2 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
By @ziks_99 - Microsoft has released a patch for CVE-2025-53786, an Elevation of Privilege vulnerability that affects Microsoft Exchange Server 2016 and 2019. #Microsoft #ExchangeServer https://t.co/v7zKKA6Uil
@NeowinFeed
12 Aug 2025
431 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
MDVM Guidance for CVE-2025-53786: Exchange Hybrid Privilege Escalation https://t.co/fQ2GealjkQ #Microsoft #techcommunity
@MSITTechNews
12 Aug 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SECURITY ALERT: 29,000+ unprotected Exchange servers A critical flaw (CVE-2025-53786) allows hackers to escalate their privileges in Microsoft cloud environments and fully compromise enterprise domains. 📊 Geographic distribution
@hacker_art_io
11 Aug 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Over 29,000 Microsoft Exchange servers remain unpatched for CVE-2025-53786, a high-severity flaw that could enable total domain compromise in hybrid cloud environments. CISA has ordered federal agencies to update immediately, and all organizations are urged to do the https:
@Broadleaf_Group
11 Aug 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Over 29,000 Exchange servers unpatched against high-severity flaw A newly disclosed Exchange hybrid vulnerability, CVE-2025-53786, enables stealthy cloud privilege escalation when an attacker.... @CosmicMetaX #Exch https://t.co/b1Zeb7Vtqj
@CosmicMetaX
11 Aug 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 29,000 Exchange servers unpatched against high-severity flaw A newly disclosed Exchange hybrid vulnerability, CVE-2025-53786, enables stealthy cloud privilege escalation when an attacker.... @CosmicMetaX #Exchange https://t.co/HGoyuhRpKZ
@CosmicMetaZ
11 Aug 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A Russia-linked threat group known as RomCom has been exploiting a newly discovered #WinRAR zero-day, CVE-2025-8088; over 29,000 #Microsoft Exchange servers also remain unpatched against CVE-2025-53786. https://t.co/SmKMXPKCPu
@NetizenCorp
11 Aug 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#securityupdate #microsoft #定例外 2025. 8. 6 Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability CVE-2025-53786 Security Vulnerability Release date: August 6, 2025 - Microsoft https://t.co/iVLmz56tyq
@kawn2020
11 Aug 2025
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
1 Quote
CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability https://t.co/5zTQJtG2Oo https://t.co/cv3ir5F8S5
@ggrubamn
11 Aug 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 28,000 Microsoft Exchange servers remain exposed to the internet with a critical vulnerability (CVE-2025-53786)! This affects hybrid environments where an on-premises Exchange Server connects to Microsoft 365. If attackers gain admin rights on-premises, they could breach ht
@alitajran
11 Aug 2025
11776 Impressions
44 Retweets
150 Likes
121 Bookmarks
1 Reply
3 Quotes
Over 29,000 Microsoft Exchange servers remain unpatched against CVE-2025-53786, enabling privilege escalation and domain compromise. Federal agencies urged to update systems after April 2025 hotfix release. #CVE2025 #MicrosoftExchange #USA https://t.co/34JE3f1jpQ
@TweetThreatNews
11 Aug 2025
28 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Over 29,000 unpatched Exchange servers remain vulnerable to CVE-2025-53786, risking domain takeover. US, Germany, and Russia are most exposed. Patch now or isolate vulnerable systems. Details: https://t.co/ElOmj9RWj6
@RedTeamNewsBlog
11 Aug 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability https://t.co/EyoyG30k7W
@PVynckier
10 Aug 2025
265 Impressions
5 Retweets
7 Likes
1 Bookmark
1 Reply
0 Quotes
🚨 Microsoft Issues CVE-2025-53786 Patch for Exchange Server Addresses critical flaws in hybrid environments. IT admins: Deploy immediately to safeguard your systems! #MicrosoftSecurity #CVE #ExchangeServer https://t.co/scY27HIfiQ
@CyberWolfGuard
10 Aug 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability https://t.co/xZOUekQ8BY https://t.co/3FxS0JzOyR
@EAlexStark
10 Aug 2025
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 CISA just issued a MANDATORY order! Federal agencies MUST patch the new critical Exchange flaw (CVE-2025-53786) by Monday. Don't wait, systems are at risk! #CyberSecurity #ExchangeFlaw https://t.co/IjUL6v5FNB
@xcybersecnews
10 Aug 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CRITICAL: Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Exchange Hybrid Deployments! The Cybersecurity and Infrastructure Security Agency (CISA) issues an Emergency Directive (ED 25-02), as exploitation could lead to complete identity takeover. h
@GlobalCyberTM
10 Aug 2025
123 Impressions
7 Retweets
10 Likes
6 Bookmarks
0 Replies
0 Quotes
28,000 Microsoft Exchange servers vulnerable to CVE-2025-53786: the state of the threat the blog: https://t.co/gMh4Clqw9R #cybersecurity #cve #exchange #microsoft #rce https://t.co/Kr4DB2Vd8T
@nuke86
10 Aug 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
"CISA is aware of the newly disclosed high-severity vulnerability, CVE-2025-53786," the August 6 advisory warned, "that allows a cyber threat actor with administrative access to an on-premise Microsoft Exchange server to escalate privileges by exploiting vulnerable hybrid-joined
@DanRamo07555230
10 Aug 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft just warned: CVE-2025-53786 lets hackers silently escalate privileges from on-prem Exchange to the cloud. https://t.co/3Xo7qLM81z
@poulsen_hacks
9 Aug 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability #cybersecurity #cloud #privacy https://t.co/2qqzYn13jZ
@NRG_fx
9 Aug 2025
36 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA orders fed agencies to patch new Exchange flaw by Monday CVE-2025-53786 https://t.co/NDRyCza7Sb
@ManuelDantas
9 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
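CVE-2025-53786 is a critical privilege escalation vulnerability in the hybrid configuration between on-premises Microsoft Exchange Server and Microsoft 365, and more than 28,000 servers worldwide remain exposed and unpatched.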
@yousukezan
9 Aug 2025
2743 Impressions
2 Retweets
15 Likes
4 Bookmarks
0 Replies
0 Quotes
Over 28,000 hybrid Exchange instances vulnerable to CVE-2025-53786 have been found. Germany is well represented with 6,500 of them. CISA requires patching by 11 August 2025 https://t.co/gNSJbRAeac
@etguenni
9 Aug 2025
215 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Over 28,000 hybrid Exchange instances vulnerable to CVE-2025-53786 are found. https://t.co/gNSJbRAeac
@etguenni
9 Aug 2025
199 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes