7.8
CVE-2025-27743
- EPSS 1.12%
- Veröffentlicht 08.04.2025 17:23:25
- Zuletzt bearbeitet 10.07.2025 15:13:40
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginMicrosoft System Center Elevation of Privilege Vulnerability
Untrusted search path in System Center allows an authorized attacker to elevate privileges locally.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ System Center Data Protection Manager Version2019 Update-
Microsoft ≫ System Center Data Protection Manager Version2022 Update-
Microsoft ≫ System Center Data Protection Manager Version2025 Update-
Microsoft ≫ System Center Operations Manager Version2019 Update-
Microsoft ≫ System Center Operations Manager Version2022 Update-
Microsoft ≫ System Center Operations Manager Version2025 Update-
Microsoft ≫ System Center Orchestrator Version2019 Update-
Microsoft ≫ System Center Orchestrator Version2022 Update-
Microsoft ≫ System Center Orchestrator Version2025 Update-
Microsoft ≫ System Center Service Manager Version2019 Update-
Microsoft ≫ System Center Service Manager Version2022 Update-
Microsoft ≫ System Center Service Manager Version2025 Update-
Microsoft ≫ System Center Virtual Machine Manager Version2019 Update-
Microsoft ≫ System Center Virtual Machine Manager Version2022 Update-
Microsoft ≫ System Center Virtual Machine Manager Version2025 Update-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.12% | 0.781 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-426 Untrusted Search Path
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.