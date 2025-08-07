The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert Wednesday night warning of a “high-severity vulnerability we are actively monitoring and mitigating with on-premise Microsoft Exchange server” that came to light earlier in the day.

“As with all high-severity threats and vulnerabilities, we immediately began working with Microsoft and our government and industry partners to assess the scope and impact,” CISA said.

The cybersecurity agency is “strongly” encouraging all organizations “to implement Microsoft guidance to reduce risk.”

“This quick action is another example of the type of operational collaboration that is securing the nation’s critical infrastructure,” CISA said.

In explaining the CVE-2025-53786 vulnerability, CISA said it allows a cyber threat actor with administrative access to an on-premise Microsoft Exchange server to escalate privileges by exploiting vulnerable hybrid-joined configurations.”

“This vulnerability, if not addressed, could impact the identity integrity of an organization’s Exchange Online service,” the agency said.

According to CISA, “Microsoft has stated there is no observed exploitation as of the time of this alert’s publication.”

However, the agency said it “strongly urges organizations to implement Microsoft’s Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability guidance … or risk leaving the organization vulnerable to a hybrid cloud and on-premises total domain compromise.”

CISA directed organizations to review Microsoft’s own Aug. 6 alert about the problem for additional guidance and to implement mitigation steps.