Search criteria
6 vulnerabilities found for dcesv6-series_azure_vm_firmware by microsoft
FKIE_CVE-2025-53781
Vulnerability from fkie_nvd - Published: 2025-08-12 18:15 - Updated: 2025-09-10 14:57
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53781 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecesv6-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F360528B-E470-4B26-BEDD-834E10022A98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecesv6-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "802F7E6F-7794-4708-AD3D-C4D7C9CBC6FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcesv6-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB30D696-671F-4BAF-AA9A-81321DF05D0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcesv6-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "499B82AE-DA62-429C-9473-3E98A75BB877",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:nccadsh100v5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73B8D55-6058-49D6-B628-6401AE7A715B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:nccadsh100v5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD133F8-8837-4D4A-9484-B50666285247",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecedsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B3D32-7995-4D44-A4D1-30F424AD0259",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecedsv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E14156-6FE5-4BC9-A6B6-2DA55598DA36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecesv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40B8180F-D355-4928-80F7-382A031CC284",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecesv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57C85697-1587-45AD-ACA0-2A5A214CFF09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcedsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97B2457F-2A94-4731-86F3-7404290E7783",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcedsv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA5EF79F-6144-4315-8A49-7CC4BCB702AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcesv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6747D5E4-DA0C-44A3-BE7C-5C35EEDC7E1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcesv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C1F02F-8A8E-4EF5-925F-DD4C26334276",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecadsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EAD8A5A-42E3-4180-90F8-FFF1A092ABDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecadsv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6ECCA3F-BA40-4C11-98A2-DDD41B29C884",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecasv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "298DC11A-48DD-42D6-AA3C-EED7B0DB38BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecasv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF7AFB5-6E9E-40E3-9759-B7DA0EB59158",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcadsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80909CA7-C2C0-435A-9DB1-9BF94B3DDC07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcadsv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32DA45C4-CFF8-4DD5-9034-DF7BD8329910",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcasv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FFB3157-ADE9-4D26-84F5-82A2E3ACD920",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcasv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D776F2-B400-4281-A040-2763098A229A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [
{
"sourceIdentifier": "secure@microsoft.com",
"tags": [
"exclusively-hosted-service"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network."
},
{
"lang": "es",
"value": "La exposici\u00f3n de informaci\u00f3n confidencial a un actor no autorizado en Azure Virtual Machines permite que un atacante autorizado divulgue informaci\u00f3n a trav\u00e9s de una red."
}
],
"id": "CVE-2025-53781",
"lastModified": "2025-09-10T14:57:05.167",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-08-12T18:15:46.473",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53781"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2025-49707
Vulnerability from fkie_nvd - Published: 2025-08-12 18:15 - Updated: 2025-08-20 20:55
Severity ?
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49707 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecesv6-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F360528B-E470-4B26-BEDD-834E10022A98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecesv6-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "802F7E6F-7794-4708-AD3D-C4D7C9CBC6FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcesv6-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB30D696-671F-4BAF-AA9A-81321DF05D0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcesv6-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "499B82AE-DA62-429C-9473-3E98A75BB877",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:nccadsh100v5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73B8D55-6058-49D6-B628-6401AE7A715B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:nccadsh100v5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD133F8-8837-4D4A-9484-B50666285247",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecedsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B3D32-7995-4D44-A4D1-30F424AD0259",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecedsv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E14156-6FE5-4BC9-A6B6-2DA55598DA36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecesv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40B8180F-D355-4928-80F7-382A031CC284",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecesv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57C85697-1587-45AD-ACA0-2A5A214CFF09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcedsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97B2457F-2A94-4731-86F3-7404290E7783",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcedsv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA5EF79F-6144-4315-8A49-7CC4BCB702AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcesv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6747D5E4-DA0C-44A3-BE7C-5C35EEDC7E1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcesv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C1F02F-8A8E-4EF5-925F-DD4C26334276",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecadsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EAD8A5A-42E3-4180-90F8-FFF1A092ABDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecadsv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6ECCA3F-BA40-4C11-98A2-DDD41B29C884",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:ecasv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "298DC11A-48DD-42D6-AA3C-EED7B0DB38BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:ecasv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF7AFB5-6E9E-40E3-9759-B7DA0EB59158",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcadsv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80909CA7-C2C0-435A-9DB1-9BF94B3DDC07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcadsv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32DA45C4-CFF8-4DD5-9034-DF7BD8329910",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:dcasv5-series_azure_vm_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FFB3157-ADE9-4D26-84F5-82A2E3ACD920",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:microsoft:dcasv5-series_azure_vm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D776F2-B400-4281-A040-2763098A229A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [
{
"sourceIdentifier": "secure@microsoft.com",
"tags": [
"exclusively-hosted-service"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally."
},
{
"lang": "es",
"value": "El control de acceso inadecuado en Azure Virtual Machines permite que un atacante autorizado realice suplantaci\u00f3n de identidad localmente."
}
],
"id": "CVE-2025-49707",
"lastModified": "2025-08-20T20:55:51.070",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8,
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-08-12T18:15:29.977",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49707"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-49707 (GCVE-0-2025-49707)
Vulnerability from cvelistv5 – Published: 2025-08-12 17:10 – Updated: 2025-11-10 00:12 Exclusively Hosted Service
VLAI?
Title
Azure Virtual Machines Spoofing Vulnerability
Summary
Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | DCasv5-series Azure VM |
Affected:
N/A
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49707",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-07T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T15:02:33.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "DCasv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCadsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECasv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECadsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCesv5-series - Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCedsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECesv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECedsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "NCCadsH100v5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCesv6-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Ecesv6-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:DCasv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECasv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCesv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCedsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECesv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECedsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:NCCadsH100v5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2025-08-12T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T00:12:53.805Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure Virtual Machines Spoofing Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49707"
}
],
"tags": [
"exclusively-hosted-service"
],
"title": "Azure Virtual Machines Spoofing Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2025-49707",
"datePublished": "2025-08-12T17:10:47.689Z",
"dateReserved": "2025-06-09T19:59:44.875Z",
"dateUpdated": "2025-11-10T00:12:53.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53781 (GCVE-0-2025-53781)
Vulnerability from cvelistv5 – Published: 2025-08-12 17:09 – Updated: 2025-11-10 00:11 Exclusively Hosted Service
VLAI?
Title
Azure Virtual Machines Information Disclosure Vulnerability
Summary
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | DCasv5-series Azure VM |
Affected:
N/A
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-12T19:07:30.346432Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T20:45:59.419Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "DCasv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCadsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECasv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECadsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCesv5-series - Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCedsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECesv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECedsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "NCCadsH100v5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Ecesv6-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCesv6-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:DCasv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECasv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCesv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCedsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECesv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECedsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:NCCadsH100v5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2025-08-12T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T00:11:54.617Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure Virtual Machines Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53781"
}
],
"tags": [
"exclusively-hosted-service"
],
"title": "Azure Virtual Machines Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2025-53781",
"datePublished": "2025-08-12T17:09:51.592Z",
"dateReserved": "2025-07-09T13:25:25.502Z",
"dateUpdated": "2025-11-10T00:11:54.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-49707 (GCVE-0-2025-49707)
Vulnerability from nvd – Published: 2025-08-12 17:10 – Updated: 2025-11-10 00:12 Exclusively Hosted Service
VLAI?
Title
Azure Virtual Machines Spoofing Vulnerability
Summary
Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | DCasv5-series Azure VM |
Affected:
N/A
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49707",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-07T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T15:02:33.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "DCasv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCadsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECasv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECadsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCesv5-series - Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCedsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECesv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECedsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "NCCadsH100v5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCesv6-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Ecesv6-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:DCasv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECasv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCesv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCedsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECesv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECedsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:NCCadsH100v5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2025-08-12T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T00:12:53.805Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure Virtual Machines Spoofing Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49707"
}
],
"tags": [
"exclusively-hosted-service"
],
"title": "Azure Virtual Machines Spoofing Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2025-49707",
"datePublished": "2025-08-12T17:10:47.689Z",
"dateReserved": "2025-06-09T19:59:44.875Z",
"dateUpdated": "2025-11-10T00:12:53.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53781 (GCVE-0-2025-53781)
Vulnerability from nvd – Published: 2025-08-12 17:09 – Updated: 2025-11-10 00:11 Exclusively Hosted Service
VLAI?
Title
Azure Virtual Machines Information Disclosure Vulnerability
Summary
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | DCasv5-series Azure VM |
Affected:
N/A
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-12T19:07:30.346432Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T20:45:59.419Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "DCasv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCadsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECasv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECadsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCesv5-series - Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCedsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECesv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "ECedsv5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "NCCadsH100v5-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Ecesv6-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "DCesv6-series Azure VM",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:DCasv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECasv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCesv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCedsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECesv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECedsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:NCCadsH100v5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:DCadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ECadsv5_series_Azure_VM:*:*:*:*:*:*:*:*",
"versionStartIncluding": "N/A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2025-08-12T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T00:11:54.617Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure Virtual Machines Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53781"
}
],
"tags": [
"exclusively-hosted-service"
],
"title": "Azure Virtual Machines Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2025-53781",
"datePublished": "2025-08-12T17:09:51.592Z",
"dateReserved": "2025-07-09T13:25:25.502Z",
"dateUpdated": "2025-11-10T00:11:54.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}