CVE-2025-64655 — Vulnetix

CVE-2025-64655 PUBLISHED CVSS 8.800000190734863 HIGH

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network.

EPSS 0.08% · 24.4th percentile

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

EPSS Score

0.08%

24.4th percentile

Affected Products

Vendor	Product	Versions
microsoft	dynamics_omnichannel_sdk_storage_containers	*
Microsoft	Dynamics OmniChannel SDK Storage Containers	*

Timeline

Nov 11, 2025 CVE Published
Nov 20, 2025 CVE Updated
Nov 20, 2025 PoC Published
Nov 20, 2025 PoC Published
Nov 21, 2025 EPSS Score
Nov 21, 2025 PoC Published
Nov 26, 2025 EPSS Score
Dec 1, 2025 EPSS Score
Dec 5, 2025 EPSS Score
Dec 10, 2025 EPSS Score
Dec 15, 2025 EPSS Score
Dec 20, 2025 EPSS Score

References

Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2025-64655 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›