Multiple vulnerabilities in Microsoft Azure

Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

1. A spoofing vulnerability in Azure Cosmos DB can be exploited remotely to spoof user interface.
2. A remote code execution vulnerability in Azure Container Apps can be exploited remotely to execute arbitrary code.
3. An elevation of privilege vulnerability in Microsoft Partner Center can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Custom Question Answering can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2025-64675
  CVE-2025-65037
  CVE-2025-65041
  CVE-2025-64663
  

Связанные продукты

• Microsoft-Azure

Список CVE

• CVE-2025-64663
  critical
• CVE-2025-65037
  critical
• CVE-2025-65041
  critical
• CVE-2025-64675
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com