Multiple vulnerabilities in Microsoft Dynamics

Описание

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Dynamics 365 On-Premises can be exploited remotely to execute arbitrary code.
2. An information disclosure vulnerability in Microsoft Power Automate Desktop can be exploited remotely to obtain sensitive information.
3. An elevation of privilege vulnerability in Microsoft Dynamics 365 Business Central can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2026-42898
  CVE-2026-40374
  CVE-2026-42833
  CVE-2026-40417
  

Эксплуатация

Связанные продукты

• Microsoft-Dynamics-365
• Power-Automate-for-Desktop
• Microsoft-365

Список CVE

• CVE-2026-40374
  high
• CVE-2026-40417
  critical
• CVE-2026-42833
  critical
• CVE-2026-42898
  critical

Список KB

• 5078943
• 5086070
• 5093780
• 5086069
• 5086068

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com