CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2026-40412

CVSS 10.0v3.1pub. 2026-05-22upd. 2026-05-27

Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.

🤖 AI Analysis
How it works

An unauthenticated attacker can upload a dangerous file type over the network to the vulnerable Azure Orbital Spatio component. The application does not sufficiently verify the type or content of the uploaded file, which allows malicious code to be placed and executed on the server side. The network vector (AV:N), lack of user interaction requirement (UI:N), and lack of required privileges (PR:N) make it possible to conduct the attack remotely and fully automatically.

Impact

Successful exploitation of this vulnerability gives an attacker the ability to execute arbitrary code remotely (RCE) in the service context, which with the scope C:H/I:H/A:H means complete breach of confidentiality, integrity and availability of data and the system. The scope of the vulnerability exceeds the component boundary (S:C), which may lead to lateral movement in the cloud environment.

Mitigation & patch

Apply patches available from the vendor in accordance with the references published at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40412. Until the patch is applied, it is recommended to restrict network access to the vulnerable service only to trusted sources.

Who is affected

Azure Orbital Spatio — versions indicated in the vendor's references (Microsoft Security Response Center).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Microsoft Azure Orbital Spatio

    APP
    Microsoft
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2026-8398CRITICAL9.3⚠ KEVPL ✓ten sam vendor

Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów

CVE-2026-20963CRITICAL9.8⚠ KEVPL ✓ten sam vendor

RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server

CVE-2025-59287CRITICAL9.8⚠ KEVPL ✓ten sam vendor

RCE w Windows Server Update Service (WSUS) — deserializacja danych

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-53770CRITICAL9.8⚠ KEVPL ✓ten sam vendor

RCE przez deserialization w Microsoft SharePoint Server (on-premises)