The Cybersecurity and Infrastructure Security Agency (CISA) has issued an Emergency Directive regarding a newly disclosed high-severity vulnerability (CVE-2025-53786) in Microsoft Exchange hybrid deployments. This flaw could allow attackers with administrative access to an on-premise Exchange server to escalate privileges by exploiting improperly secured hybrid-joined configurations, potentially compromising the integrity of Exchange Online. Although Microsoft reports no known exploitation to date, both Microsoft and CISA urge immediate action. Organizations using or having previously configured hybrid Exchange setups should follow Microsoft’s latest guidance, including installing April 2025 hotfix updates, deploying a dedicated hybrid app, and resetting service principal credentials as needed. Running the Exchange Health Checker is also advised to ensure full remediation. Additionally, CISA recommends disconnecting any public-facing Exchange or SharePoint servers that have reached end-of-life, such as SharePoint Server 2013. For continued updates, Microsoft’s blog on hybrid deployment changes should be monitored. For more details, refer to both the Emergency Directive and Microsoft guidance.