CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2025-29827

CVSS 9.9v3.1pub. 2025-05-08upd. 2025-06-05

Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.

🤖 AI Analysis
How it works

The error results from improper implementation of authorization mechanisms (CWE-285, CWE-863) in the Azure Automation service. An attacker with basic network access to the environment can exploit this vulnerability without requiring user interaction. This makes it possible to obtain permissions exceeding those the attacker is entitled to, and the attack effect may extend beyond the scope of the directly attacked resource (scope S:C in the CVSS vector).

Impact

An attacker can obtain unauthorized, elevated privilege levels in the Azure environment, which may lead to taking control of automation resources, disclosure of sensitive data, or integrity violation of systems managed by Azure Automation.

Mitigation & patch

Patches available from the manufacturer should be applied according to references — details available in Microsoft Security Response Center at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29827

Who is affected

Microsoft Azure Automation — versions indicated in manufacturer references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
  • Microsoft Azure Automation

    APP
    Microsoft
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2024-21330HIGH7.8ten sam produkt

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

CVE-2021-42306HIGH8.1ten sam produkt

An information disclosure vulnerability manifests when a user or an application uploads unprotected private ke...

CVE-2019-0962MEDIUM4.9ten sam produkt

An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with con...

CVE-2026-8398CRITICAL9.3⚠ KEVPL ✓ten sam vendor

Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów

CVE-2026-20963CRITICAL9.8⚠ KEVPL ✓ten sam vendor

RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server