Aug 2025: Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2025-33051 Published on August 12, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2025-33051 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2025-33051
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-33051 are published in these products:
Affected Versions
Microsoft Exchange Server 2019 Cumulative Update 14:- Version 15.02.0.0 and below 15.02.1544.033 is affected.
- Version 15.01.0.0 and below 15.01.2507.058 is affected.
- Version 15.02.0.0 and below 15.02.1748.036 is affected.
- Version 15.02.0.0 and below 15.02.2562.020 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.