Lucene search
K

Vulnerabilities fixed in Microsoft Azure

🗓️ 14 Oct 2025 18:13:41Reported by NCSCType 
ncsc
 ncsc
🔗 advisories.ncsc.nl👁 10 Views

Azure vulnerabilities fixed, including Azure Entra ID, which could allow impersonation and elevated access.

Related
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the cloud platform for managing and protecting Microsoft Entra ID (formerly Azure Active Directory) relates to deficiencies in access control. This allows attackers to escalate their privileges.
14 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the cloud-based platform for managing and protecting Microsoft Entra ID (formerly Azure Active Directory) relates to the lack of authentication for a critical function, allowing attackers to escalate their privileges.
14 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the data collection tool for Azure Monitor Agents, which are associated with virtual machines and physical servers, stems from deficiencies in the deserialization mechanism. This allows attackers to exploit their privileges.
16 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the software for creating and managing images of virtual machines and containers in Azure Compute Gallery lies in improper external management of file names or paths, allowing an attacker to escalate their privileges.
16 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the software for creating and managing images of virtual machines and containers in Azure Compute Gallery lies in improper external management of file names or paths, allowing an attacker to escalate their privileges.
16 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of Azure Managed Redis and Azure Cache for Redis Enterprise data caching services, related to improper authorization, allows attackers to escalate their privileges.
20 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the data collection tool for Azure Monitor Agents, which are associated with virtual machines and physical servers, relates to access control errors. This allows attackers to escalate their privileges.
20 Oct 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the Azure Connected Machine Agent, a software tool for managing servers and virtual machines, is related to access control deficiencies, which allows attackers to escalate their privileges.
22 Oct 202500:00
bdu_fstec
Circl
CVE-2025-47989
14 Oct 202516:13
circl
Circl
CVE-2025-55321
9 Oct 202521:38
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation