CVE-2025-25006
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-12

Last updated on: 2025-09-03

Assigner: Microsoft Corporation

Description
Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-12
Last Modified
2025-09-03
Generated
2026-05-06
AI Q&A
2025-08-12
EPSS Evaluated
2026-05-05
NVD
CVE-2025-25006
EUVD
EUVD-2025-24363
Affected Vendors & Products
Showing 37 associated CPEs
Vendor Product Version / Range
microsoft exchange_server to 15.02.2562.020 (exc)
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2016
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
microsoft exchange_server 2019
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-167 The product receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided.
CWE-NVD-CWE-Other
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves improper handling of an additional special element in Microsoft Exchange Server, which allows an unauthorized attacker to perform spoofing over a network.


How can this vulnerability impact me? :

The vulnerability can allow an attacker to spoof network communications, potentially misleading users or systems by impersonating trusted entities, which may lead to misinformation or unauthorized actions.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart