On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Summary

Microsoft has released a security advisory for a critical vulnerability, CVE-2026-42897, affecting on-premises Exchange Server installations. This spoofing bug, stemming from a cross-site scripting flaw, is reportedly being actively exploited in the wild. An anonymous researcher discovered and reported the vulnerability.

IFF Assessment

FOE

The active exploitation of a critical vulnerability in a widely used enterprise product represents a direct threat to organizations relying on it.

Severity

8.1 High

The CVSS score of 8.1 indicates a high severity. The vulnerability allows for spoofing, which can be used to trick users into revealing sensitive information or performing malicious actions, and it is actively being exploited in the wild, increasing its immediate risk.

Defender Context

Defenders need to prioritize patching on-premises Microsoft Exchange Servers immediately due to active exploitation of CVE-2026-42897. Because the vulnerability is exploitable through crafted emails, it calls for heightened vigilance for phishing attempts and prompt application of security updates to prevent unauthorized access and data compromise.
