57 matches found
Microsoft Azure Functions Data Forgery Issue Vulnerability
Microsoft Azure Functions is a hosted Platform-as-a-Service PaaS provider from Microsoft Corporation USA that provides event-driven and scheduled compute resources for Azure cloud services. Microsoft Azure Functions has a data forgery issue vulnerability that stems from improper cryptographic...
CVE-2025-33074
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...
CVE-2025-33074
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...
CVE-2025-33074
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...
CVE-2025-33074 Azure Functions Remote Code Execution Vulnerability
...
CVE-2025-33074
The CVE-2025-33074 entry describes an improper verification of cryptographic signatures in Microsoft Azure Functions, enabling an authenticated attacker to execute code over a network. Several connected sources corroborate the issue across vendors and regions (NVD/NVDC, Red Hat, CNVD, MSRC, PT Se...
CVE-2025-33074 Azure Functions Remote Code Execution Vulnerability
...
Azure Functions Remote Code Execution Vulnerability
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...
Microsoft Azure Functions 数据伪造问题漏洞
Microsoft Azure Functions is a hosted Platform-as-a-Service PaaS provider from Microsoft Corporation USA that provides event-driven and scheduled compute resources for Azure cloud services. Microsoft Azure Functions has a data forgery issue vulnerability that stems from improper cryptographic...
PT-2025-18304 · Microsoft · Azure Functions
Name of the Vulnerable Software and Affected Versions: Microsoft Azure Functions affected versions not specified Description: The issue is related to the improper verification of cryptographic signatures in Microsoft Azure Functions, allowing an authorized attacker to execute code over a network...
November Microsoft Patch Tuesday
November Microsoft Patch Tuesday. 125 CVEs, 35 of which were added since October MSPT. 2 vulnerabilities with signs of exploitation in the wild: Elevation of Privilege - Windows Task Scheduler CVE-2024-49039 Disclosure/Spoofing - NTLM Hash CVE-2024-43451 No signs of exploitation, but with a priva...
The vulnerability of the Imagine Cup platform’s code execution mechanism for Microsoft Azure Functions allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Imagine Cup platform’s Microsoft Azure Functions component is related to lack of access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
KLA74056 OSI vulnerability in Microsoft Azure
Information disclosure vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2024-38204 Related products Microsoft-Azure CVE list CVE-2024-38204 high Solution Install necessary updates from the KB sectio...
PT-2024-7082 · Microsoft · Azure Functions +1
Name of the Vulnerable Software and Affected Versions: Imagine Cup affected versions not specified Description: The issue is related to improper access control in Imagine Cup, allowing an authorized attacker to elevate privileges over a network. This can potentially lead to unauthorized access to...
Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha
Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan RAT called AllaSenha. The malware is "specifically aimed at stealing credentials that are required to access Brazilian bank accounts, and leverages...
Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers
A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. "It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal...
Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers
A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. "It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal...
Best practices regarding Azure Storage Keys, Azure Functions, and Azure Role Based Access
Summary Azure provides developers and security operations staff a wide array of configurable security options to meet organizational needs. Throughout the software development lifecycle, it is important for customers to understand the shared responsibility model, as well as be familiar with vario...
Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access
Four different Microsoft Azure services have been found vulnerable to server-side request forgery SSRF attacks that could be exploited to gain unauthorized access to cloud resources. The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API...
Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access
Four different Microsoft Azure services have been found vulnerable to server-side request forgery SSRF attacks that could be exploited to gain unauthorized access to cloud resources. The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API...