VYPR
High severity7.5NVD Advisory· Published Dec 9, 2025· Updated Jun 15, 2026

CVE-2025-64666

CVE-2025-64666

Description

Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

Affected products

43
  • cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*+ 38 more
    • cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*
    • (no CPE)
    • (no CPE)range: 15.02.0.0
  • cpe:2.3:a:microsoft:exchange_server_subscription_edition:*:*:*:*:*:*:*:*
    Range: <15.02.2562.035
  • Microsoft/Microsoft Exchange Server 2016 Cumulative Update 23v5
    Range: 15.01.0.0
  • Microsoft/Microsoft Exchange Server 2019 Cumulative Update 14v5
    Range: 15.02.0.0
  • Microsoft/Microsoft Exchange Server 2019 Cumulative Update 15v5
    Range: 15.02.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.