CVE-2025-21199

🗓️ 11 Mar 2025 16:59:06Reported by microsoftType

Improper privilege management in Azure Agent Installer allows local privilege escalation by attackers.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2025-21199	11 Mar 202516:39	–	circl
CNNVD	Microsoft Azure 安全漏洞	11 Mar 202500:00	–	cnnvd
CNVD	Microsoft Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability	12 Mar 202500:00	–	cnvd
Cvelist	CVE-2025-21199 Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability	11 Mar 202516:59	–	cvelist
EUVD	EUVD-2025-6342	3 Oct 202520:07	–	euvd
Kaspersky	KLA81540 Multiple vulnerabilities in Microsoft Azure	11 Mar 202500:00	–	kaspersky
Microsoft CVE	Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability	11 Mar 202507:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Azure	11 Mar 202518:45	–	ncsc
NVD	CVE-2025-21199	11 Mar 202517:16	–	nvd
OSV	CVE-2025-21199	11 Mar 202517:16	–	osv

NVD

Vulners

CNA

Node

microsoft azure_agentRange<2.0.9940.0backup

microsoft azure_agentRange<9.30site_recovery

[
  {
    "vendor": "Microsoft",
    "product": "Azure Agent for Backup",
    "versions": [
      {
        "version": "1.0.0",
        "lessThan": "2.0.9940.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Azure Agent for Site Recovery",
    "versions": [
      {
        "version": "1.0.0",
        "lessThan": "9.30",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21199

13 Feb 2026 19:38Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.7

EPSS0.0008

SSVC

CWE-269