3 matches found
CVE-2025-30389
creationtimestamp| type| source ---|---|--- 2025-04-30 17:21:46+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114428064949898924 2025-04-30 19:48:33+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114428641997339689 2025-04-30 20:30:45+00:00| seen|...
CVE-2025-30389
CVE-2025-30389 describes an improper authorization issue in the Azure Bot Framework SDK that allows an unauthenticated, network-based attacker to elevate privileges. The NVD entry lists a CRITICAL impact with CVSSv3.1: AV=N, AC=L, PR=NONE, UI=N, S=U, C=H, I=H, A=H (base score 9.8). Microsoft/Red ...
CVE-2025-30389 Azure Bot Framework SDK Elevation of Privilege Vulnerability
...