CERT-EU - High Severity Vulnerability in Microsoft Exchange

high-severity vulnerability (CVE-2025-53786) in Microsoft Exchange hybrid environments allows attackers with administrative access to on-premises Exchange Servers to escalate privileges into connected Exchange Online environments. The vulnerability affects Microsoft Exchange Server 2016 and 2019 versions. It is strongly recommended to apply the April 2025 Exchange Server Hotfix Updates and follow Microsoft’s configuration instructions to deploy the dedicated Exchange hybrid app.