Ref# ADV2025_258 | Date: Aug 8th 2025

---

Microsoft Exchange has published a security advisory highlighting vulnerabilities in the following products on August 6th, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated. 

• Exchange Server 2016 CU23 – (KB5050674) 
• Exchange Server 2019 CU14 – (KB5050673) 
• Exchange Server 2019 CU15 – (KB5050672) 
• Exchange Server Subscription Edition RTM – (KB5047155) 

For more information on these updates, you can follow these URLs: 

• Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability 

• Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments 

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

PDF Download: Microsoft Exchange Security Advisory

References 

• CISA Cybersecurity Alerts & Advisories (August 6th, 2025). Retrieved from Microsoft Edge. https://www.cisa.gov/news-events/cybersecurity-advisories  

• Microsoft Exchange Security Advisory. (August 7th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/microsoft-exchange-security-advisory-av25-490