When Should We Call You?

Edit Template

Multiple Vulnerabilities in Microsoft Azure

Multiple Vulnerabilities in Microsoft Azure

Spread the love

Multiple Vulnerabilities in Microsoft Azure

Date Created : 04/09/2025

Source: Microsoft Azure Security Bulletin

Classification:

Impact: Loss of integrity, confidentiality, availability
Exploit: Unknown
Solution: Patch

RISKS:

Compromised data confidentiality
Privilege escalation

Affected Systems:

Azure Local Cluster versions prior to 2411.2
Azure Stack HCI OS 22H2 versions prior to 10.0.20348.3328
Azure Stack HCI OS 23H2 versions prior to 10.0.25398.1486
Windows Admin Center
Windows Admin Center in Azure Portal

Conclusion

Multiple high-severity vulnerabilities have been identified in Microsoft Azure. These vulnerabilities could allow an attacker to cause information disclosure and privilege escalation.

CVE-2025-29819: The issue occurs in Windows Admin Center in Azure Portal. Exploiting this vulnerability could allow a local attacker to disclose information locally.

CVE-2025-26628: The issue occurs in Azure Local Cluster. Insufficiently protected credentials in the Azure Local Cluster could allow an authorized attacker to disclose information locally.

CVE-2025-27489: The issue occurs in Azure Local. Exploiting this vulnerability could allow a local attacker to escalate privileges locally.

CVE-2025-25002: The issue occurs in Azure Local Cluster. Exploiting this vulnerability could allow an adjacent attacker to disclose information locally.

References:

CVE-2025-25002 CVSS score 6.80
CVE-2025-26628 CVSS score 7.30
CVE-2025-29819 CVSS score 6.20
CVE-2025-27489 CVSS score 7.80

Microsoft Security Advisory:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26628

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25002

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27489

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819

Solution:

Security Patch

Microsoft Windows Admin Center

https://info.microsoft.com/ww-landing-windows-admin-center.html

Microsoft Windows Admin Center in Azure Portal

Manage a Windows VMs using Windows Admin Center in Azure | Microsoft Learn

Microsoft Azure Stack HCI OS 23H2

About updates for Azure Local, version 23H2 – Azure Local | Microsoft Learn

Microsoft Azure Stack HCI OS 22H2

https://support.microsoft.com/en-us/topic/release-notes-for-azure-stack-hci-version-22h2-fea63106-a0a9-4b6c-bb72-a07985c98a56

Spread the love

Leave a Reply Cancel reply

Popular Articles

Most Recent Posts

All Post
Active Directory
azure
Azure Cloud
Azure Infrastructure
Azure Patch
Azure Security
Cloud
Cloud Computing
Exchange Server
Manage M365
Messaging
Microsoft
Microsoft 365
Microsoft Purview
News
Patch Tuesday
Request Call
Security
Security M365
Websites
Windows Server
Windows Server Patch

Simplify AD User Creation: GUI & PowerShell

Simplify AD User Creation: GUI & PowerShell

31/03/2025

How to Create Organizational Units (OUs) in Active Directory: GUI & PowerShell

How to Create Organizational Units (OUs) in Active Directory: GUI & PowerShell

24/03/2025

Domain controller installation with Power Shell

Domain controller installation with Power Shell

23/03/2025

apple vunirability

Multiple Vulnerabilities in Apple Products

17/04/2025

Multiple Vulnerabilities in Google Chrome

Multiple Vulnerabilities in Google Chrome

16/04/2025

Memory Corruption Vulnerability in Mozilla Firefox

Memory Corruption Vulnerability in Mozilla Firefox

16/04/2025

Content Spoofing Vulnerability in MIT Kerberos

Content Spoofing Vulnerability in MIT Kerberos

16/04/2025