Microsoft Exchange security advisory (AV25-490)

Serial number: AV25-490
Date: August 7, 2025

On August 6, 2025, Microsoft published a security update to address a vulnerability in the following products:

• Exchange Server 2016 CU23 – (KB5050674)
• Exchange Server 2019 CU14 – (KB5050673)
• Exchange Server 2019 CU15 – (KB5050672)
• Exchange Server Subscription Edition RTM – (KB5047155)

Exploitation of this vulnerability could allow an attacker to cause an elevation of privilege.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary update.

• Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
• Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments