{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-64666", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2025-11-06T23:40:37.276Z", "datePublished": "2025-12-09T17:55:45.263Z", "dateUpdated": "2026-04-16T14:18:39.837Z"}, "containers": {"cna": {"title": "Microsoft Exchange Server Elevation of Privilege Vulnerability", "datePublic": "2025-12-09T08:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:exchange_server_2019:*:cumulative_update_15:*:*:*:*:*:*", "versionStartIncluding": "15.02.0.0", "versionEndExcluding": "15.02.1748.042"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:exchange_server_2016:*:cumulative_update_23:*:*:*:*:*:*", "versionStartIncluding": "15.01.0.0", "versionEndExcluding": "15.01.2507.063"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:exchange_server_se:*:RTM:*:*:*:*:*:*", "versionStartIncluding": "15.02.0.0", "versionEndExcluding": "15.02.2562.035"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:exchange_server_2019:*:cumulative_update_14:*:*:*:*:*:*", "versionStartIncluding": "15.02.0.0", "versionEndExcluding": "15.02.1544.037"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft Exchange Server 2016 Cumulative Update 23", "platforms": ["x64-based Systems"], "versions": [{"version": "15.01.0.0", "lessThan": "15.01.2507.063", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Exchange Server 2019 Cumulative Update 14", "platforms": ["x64-based Systems"], "versions": [{"version": "15.02.0.0", "lessThan": "15.02.1544.037", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Exchange Server 2019 Cumulative Update 15", "platforms": ["x64-based Systems"], "versions": [{"version": "15.02.0.0", "lessThan": "15.02.1748.042", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Exchange Server Subscription Edition RTM", "platforms": ["x64-based Systems"], "versions": [{"version": "15.02.0.0", "lessThan": "15.02.2562.035", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE", "cweId": "CWE-20"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-16T14:18:39.837Z"}, "references": [{"name": "Microsoft Exchange Server Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64666"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-64666", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-10T04:56:36.547270Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T16:56:48.947Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-64666", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-10T04:56:36.547270Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-09T20:16:14.522Z"}}], "cna": {"title": "Microsoft Exchange Server Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft Exchange Server 2016 Cumulative Update 23", "versions": [{"status": "affected", "version": "15.01.0.0", "lessThan": "15.01.2507.063", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft Exchange Server 2019 Cumulative Update 14", "versions": [{"status": "affected", "version": "15.02.0.0", "lessThan": "15.02.1544.037", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft Exchange Server 2019 Cumulative Update 15", "versions": [{"status": "affected", "version": "15.02.0.0", "lessThan": "15.02.1748.042", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft Exchange Server Subscription Edition RTM", "versions": [{"status": "affected", "version": "15.02.0.0", "lessThan": "15.02.2562.035", "versionType": "custom"}], "platforms": ["x64-based Systems"]}], "datePublic": "2025-12-09T08:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64666", "name": "Microsoft Exchange Server Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:exchange_server_2019:*:cumulative_update_15:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "15.02.1748.042", "versionStartIncluding": "15.02.0.0"}, {"criteria": "cpe:2.3:a:microsoft:exchange_server_2016:*:cumulative_update_23:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "15.01.2507.063", "versionStartIncluding": "15.01.0.0"}, {"criteria": "cpe:2.3:a:microsoft:exchange_server_se:*:RTM:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "15.02.2562.035", "versionStartIncluding": "15.02.0.0"}, {"criteria": "cpe:2.3:a:microsoft:exchange_server_2019:*:cumulative_update_14:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "15.02.1544.037", "versionStartIncluding": "15.02.0.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-16T14:18:39.837Z"}}}, "cveMetadata": {"cveId": "CVE-2025-64666", "state": "PUBLISHED", "dateUpdated": "2026-04-16T14:18:39.837Z", "dateReserved": "2025-11-06T23:40:37.276Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2025-12-09T17:55:45.263Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:exchange_server:*:*:*:*:subscription:*:*:*", "matchCriteriaId": "AD6F2ED1-498D-489C-8F5A-4EBDF3AB854D", "versionEndExcluding": "15.02.2562.035", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*", "matchCriteriaId": "8039FBA1-73D4-4FF2-B183-0DCC961CBFF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*", "matchCriteriaId": "56728785-188C-470A-9692-E6C7235109CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*", "matchCriteriaId": "63E362CB-CF75-4B7E-A4B1-D6D84AFCBB68", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*", "matchCriteriaId": "9BE04790-85A2-4078-88CE-1787BC5172E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*", "matchCriteriaId": "CCF101BE-27FD-4E2D-A694-C606BD3D1ED7", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*", "matchCriteriaId": "4DF5BDB5-205D-4B64-A49A-0152AFCF4A13", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*", "matchCriteriaId": "55284CF7-0D04-4216-83FE-4B1F9CA94207", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*", "matchCriteriaId": "CA2CE223-AA49-49E6-AC32-59270EFF55AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*", "matchCriteriaId": "4830D6A9-AF74-480C-8F69-8648CD619980", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*", "matchCriteriaId": "079E1E3F-FF25-4B0D-AC98-191D6455A014", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*", "matchCriteriaId": "29805EC7-6403-44B9-91EC-109C087E98EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", "matchCriteriaId": "28FCA0E8-7D27-4746-9731-91B834CA3E64", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*", "matchCriteriaId": "996163E7-6F3F-4D3B-AEA4-62A7F7E1F54D", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*", "matchCriteriaId": "19C1EE0C-B8DD-4B91-BE4B-1C42D72FB718", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*", "matchCriteriaId": "3BE427A4-B0C2-4064-8234-29426325C348", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*", "matchCriteriaId": "449CE85B-E599-44D3-A7C1-5133F6A55E86", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*", "matchCriteriaId": "FE401B0A-DDE4-4A36-8E27-6DB14E094BE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*", "matchCriteriaId": "450319C4-7C8F-43B7-B7F8-80DA4F1F2817", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*", "matchCriteriaId": "23015889-48AF-40A5-862F-290E73A54E77", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*", "matchCriteriaId": "4FC34516-D7E7-4AD9-9B45-5474831548E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*", "matchCriteriaId": "5211792E-5292-41C0-B7E9-8AA63EC606EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*", "matchCriteriaId": "075E907F-AF2F-4C31-86C7-51972BE412A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*", "matchCriteriaId": "69AF19DC-3D65-49A8-A85F-511085CDF27B", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*", "matchCriteriaId": "40D8A6DB-9225-4A3F-AD76-192F6CCCF002", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*", "matchCriteriaId": "051DE6C4-7456-4C42-BC51-253208AADB4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*", "matchCriteriaId": "B4185347-EEDD-4239-9AB3-410E2EC89D2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*", "matchCriteriaId": "435343A4-BF10-461A-ABF2-D511A5FBDA75", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*", "matchCriteriaId": "B23C8E3E-5243-4DA6-B9AA-F6053084B55E", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*", "matchCriteriaId": "583745C7-B802-4CBE-BD88-B5B9AF9B5371", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*", "matchCriteriaId": "EE320413-D2C9-4B28-89BF-361B44A3F0FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*", "matchCriteriaId": "104F96DC-E280-4E0A-8586-B043B55888C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*", "matchCriteriaId": "73B3B3FE-7E85-4B86-A983-2C410FFEF4B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*", "matchCriteriaId": "8A9FB275-7F17-48B2-B528-BE89309D2AF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*", "matchCriteriaId": "D4AB3C25-CEA8-4D66-AEE4-953C8B17911A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*", "matchCriteriaId": "36CE5C6D-9A04-41F5-AE7C-265779833649", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*", "matchCriteriaId": "44ECF39A-1DE1-4870-A494-06A53494338D", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", "matchCriteriaId": "71CDF29B-116B-4DE2-AFD0-B62477FF0AEB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network."}], "id": "CVE-2025-64666", "lastModified": "2026-01-02T21:15:10.337", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-12-09T18:16:05.910", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64666"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "secure@microsoft.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T15:47:36.841187+00:00", "value": {"mitigation_remediation": ["Apply the latest cumulative update for Microsoft Exchange Server 2016 (CU23 or a newer release) and for Microsoft Exchange Server 2019 (CU14 or CU15 or a newer release).", "If an update cannot be applied immediately, restrict access to the Exchange services to trusted networks and enforce least\u2011privilege policies on all accounts that can reach the server.", "Continuously monitor authentication and privilege\u2011elevation logs for anomalous activity and consider enabling intrusion\u2011detection rules that flag unusual privilege changes."], "summary": {"action": "Immediate Patch", "impact": "Elevation of Privilege"}, "threat_synthesis": {"affected_systems": "Microsoft Exchange Server 2016 with Cumulative Update 23, Microsoft Exchange Server 2019 with Cumulative Updates 14 and 15, and the subscription\u2011edition rollout on its initial release (RTM). These are the versions explicitly identified by the CNA as affected. Other build numbers listed in the CPE list may be concurrent or superseded by these updates, but the CNA only confirms the above as impacted.", "description_and_impact": "The vulnerability is an improper input validation flaw in Microsoft Exchange Server that allows an authorized attacker connecting over a network to gain higher privileges than intended. The weakness falls under CWE\u201120, resulting in a potential compromise of system integrity where the attacker could execute actions as a privileged user or possibly control the server environment. The problem is not a denial-of-service or data exposure but a privilege escalation that can lead to full system compromise.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity of the flaw. The EPSS score of <1% suggests that the likelihood of exploitation is low at the time of this analysis. The vulnerability is not currently listed in CISA\u2019s KEV catalog. It presumably requires an authenticated or otherwise authorized attacker within the same network to trigger the flaw, as the description states that an authorized attacker can elevate privileges. Because no public exploit has been reported, the risk is moderate but the potential impact is high enough to warrant prompt remediation."}}}}, "created": "2026-04-20T16:00:10.652562+00:00", "updated": "2026-04-20T16:00:10.652571+00:00", "vendors": []}