Azure Bastion Elevation of Privilege Vulnerability
The vulnerability is classified as CWE-294 (Authentication Bypass by Capture-replay), meaning an attacker can intercept or replay authentication data or session tokens to bypass access control mechanisms. The attack vector is network-based, requires no privileges or user interaction, and the scope of impact extends beyond the boundaries of the attacked component (Scope: Changed). This means the effects of exploitation may extend beyond Azure Bastion itself and impact related resources.
Successful exploitation enables an attacker to obtain elevated privileges in the Azure environment, which may lead to unauthorized access to protected resources, their modification, or partial disruption of availability — with complete compromise of data confidentiality and integrity.
Patches available from the vendor should be applied in accordance with references published by the Microsoft Security Response Center at: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49752. As a service managed by Microsoft, Azure Bastion may receive updates automatically on the platform side — it is recommended to verify the status in the Azure portal and monitor MSRC communications.
Microsoft Azure Bastion Developer — versions indicated in vendor references (Microsoft Security Response Center).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:LMicrosoft Azure Bastion Developer
APPMicrosoftwszystkie wersje
Related vulnerabilities
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server
RCE w Windows Server Update Service (WSUS) — deserializacja danych
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
RCE przez deserialization w Microsoft SharePoint Server (on-premises)