Multiple vulnerabilities in Microsoft Azure

Açıklama

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Azure Entra ID can be exploited remotely to gain privileges.
2. A spoofing vulnerability in Azure Monitor Log Analytics can be exploited remotely to spoof user interface.
3. An elevation of privilege vulnerability in Azure PlayFab can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Redis Enterprise can be exploited remotely to gain privileges.

Orijinal öneriler

• CVE-2025-59246

• CVE-2025-55321
• CVE-2025-59218
• CVE-2025-59247
• CVE-2025-59271

Kötüye kullanma

Public exploits exist for this vulnerability.

İlgili ürünler

• Microsoft-Entra-ID
• Azure-Monitor
• Azure-Managed-Redis
• Azure-PlayFab
• Azure-Cache-for-Redis-Enterprise

CVE Listesi

• CVE-2025-55321
  critical
• CVE-2025-59218
  critical
• CVE-2025-59246
  critical
• CVE-2025-59247
  critical
• CVE-2025-59271
  critical

KB Listesi

Daha fazlasını okuyun

Bölgenizde yayılan güvenlik açıklarının istatistiklerini öğrenin statistics.securelist.com