CVEDB API

Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 24.1%

CVSS Severity

CVSS v3 Score 8.4

References

Products affected by CVE-2025-53782

Microsoft » Exchange Server » Version: 2016

cpe:2.3:a:microsoft:exchange_server:2016
Microsoft » Exchange Server » Version: 2019

cpe:2.3:a:microsoft:exchange_server:2019
Microsoft » Exchange Server Subscription Edition » Version: N/A

cpe:2.3:a:microsoft:exchange_server_subscription_edition:-
Microsoft » Exchange Server Subscription Edition » Version: 15.02.2562.017

cpe:2.3:a:microsoft:exchange_server_subscription_edition:15.02.2562.017
Microsoft » Exchange Server Subscription Edition » Version: 15.02.2562.020

cpe:2.3:a:microsoft:exchange_server_subscription_edition:15.02.2562.020
Microsoft » Exchange Server Subscription Edition » Version: 15.02.2562.027

cpe:2.3:a:microsoft:exchange_server_subscription_edition:15.02.2562.027