VYPR
Medium severity5.3NVD Advisory· Published Aug 12, 2025· Updated Jun 17, 2026

CVE-2025-25006

CVE-2025-25006

Description

Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Affected products

42
  • cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*+ 37 more
    • cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*
    • (no CPE)
    • (no CPE)range: 15.02.0.0
  • cpe:2.3:a:microsoft:exchange_server_subscription_edition:*:*:*:*:*:*:*:*
    Range: <15.02.2562.020
  • Microsoft/Microsoft Exchange Server 2016 Cumulative Update 23v5
    Range: 15.01.0.0
  • Microsoft/Microsoft Exchange Server 2019 Cumulative Update 14v5
    Range: 15.02.0.0
  • Microsoft/Microsoft Exchange Server 2019 Cumulative Update 15v5
    Range: 15.02.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.