Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
The vulnerability classified as CWE-302 relies on the authentication mechanism based on data assumed to be immutable, which can actually be manipulated by an attacker. An unauthenticated network attacker without any permissions and without victim involvement can craft a request that will be treated by the system as authorized. As a result, authentication controls are bypassed and elevated privileges are obtained in the Azure DevOps environment.
An attacker can gain privilege escalation in the Azure DevOps environment, which in practice means potential full access to code repositories, CI/CD pipelines, artifacts, and sensitive project data. The scope of the breach includes full confidentiality, integrity, and availability of resources.
Apply patches available from the vendor according to references — detailed information about updates is available at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29813. For the Microsoft cloud service, Microsoft may deploy patches on the server side without client involvement — it is recommended to verify patch status in the admin panel and monitor communications from the Microsoft Security Response Center.
Microsoft Azure DevOps — versions indicated in vendor references (Microsoft Security Response Center).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HMicrosoft Azure Devops
APPMicrosoftwszystkie wersje
Related vulnerabilities
Ujawnienie wrażliwych informacji w Microsoft Azure DevOps (CVE-2026-42826)
Authentication Bypass w Azure DevOps — eskalacja uprawnień przez sieć
Insufficiently protected credentials in Azure DevOps allows an unauthorized attacker to elevate privileges ove...
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server