VDB
CVE-2025-21188
CVE-2025-21188
PUBLISHED
In der Microsoft Azure Network Watcher VM Extension besteht eine Schwachstelle. Ein lokaler Angreifer mit Contributor- oder Owner-Zugriff auf die Zielumgebung kann diese Schwachstelle ausnutzen, um erhöhte Berechtigungen zu erhalten.
EPSS 0.05% · 17.6th percentile
Risk Scores
EPSS Score
0.05%
17.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Azure Network Watcher VM Extension |
Exploit Intelligence
- https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
- CIRCL seen: CVE-2025-21188 (circl-sighting)
- CIRCL seen: CVE-2025-21188 (circl-sighting)
- CIRCL seen: CVE-2025-21188 (circl-sighting)
- CIRCL seen: CVE-2025-21188 (circl-sighting)
- Azure Network Watcher VM Extension Elevation of Privilege Vulnerability (circl)
Timeline
- Dec 5, 2024 CVE ID Reserved
- Feb 11, 2025 CVE Published
- Feb 11, 2025 PoC Published
- Feb 11, 2025 PoC Published
- Feb 11, 2025 PoC Published
- Feb 11, 2025 PoC Published
- Feb 12, 2025 EPSS Score
- Feb 27, 2025 EPSS Score
- Mar 3, 2025 Coalition ESS Score
- Mar 13, 2025 EPSS Score
- Mar 28, 2025 EPSS Score
- Apr 11, 2025 EPSS Score