CVE-2025-27743 Microsoft System Center Elevation of Privilege Vulnerability

🗓️ 08 Apr 2025 17:23:25Reported by microsoftType

Microsoft System Center vulnerability allows privilege elevation, posing security risks for users.

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of programs for managing and monitoring IT services such as Microsoft System Center Operations Manager, System Center Service Manager, System Center Orchestrator, System Center Data Protection Manager, and System Center Virtual Machine Manager lies in the use of an insecure search path, which allows an attacker to escalate their privileges.	11 Apr 202500:00	–	bdu_fstec
Circl	CVE-2025-27743	8 Apr 202516:14	–	circl
CNNVD	Microsoft System Center Operations Manager 代码问题漏洞	8 Apr 202500:00	–	cnnvd
CVE	CVE-2025-27743	8 Apr 202517:23	–	cve
EUVD	EUVD-2025-10147	3 Oct 202520:07	–	euvd
Kaspersky	KLA82404 PE vulnerability in Microsoft System Center	8 Apr 202500:00	–	kaspersky
Microsoft CVE	Microsoft System Center Elevation of Privilege Vulnerability	8 Apr 202507:00	–	mscve
NCSC	Vulnerability fixed in Microsoft System Center	8 Apr 202518:52	–	ncsc
NVD	CVE-2025-27743	8 Apr 202518:16	–	nvd
OSV	CVE-2025-27743	8 Apr 202518:16	–	osv

[
  {
    "vendor": "Microsoft",
    "product": "System Center Data Protection Manager 2019",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Data Protection Manager 2022",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Data Protection Manager 2025",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Operations Manager 2019",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Operations Manager 2022",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Operations Manager 2025",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Orchestrator 2019",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Orchestrator 2022",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Orchestrator 2025",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Service Manager 2019",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Service Manager 2022",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Service Manager 2025",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Virtual Machine Manager 2019",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Virtual Machine Manager 2022",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "System Center Virtual Machine Manager 2025",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27743

13 Feb 2026 19:32Current

CVSS 3.17.8

EPSS0.00841

CWE-426