Improper Handling of Additional Special Element

CVE-2025-25006

Medium

5.3/10

Summary

Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

CWE-167 - Improper Handling of Additional Special Element

The software receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided.

References

Advisory Timeline

Published Aug 12, 2025

Improper Handling of Additional Special Element

CVE-2025-25006

Summary

CWE-167 - Improper Handling of Additional Special Element

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS