ГлавнаяУязвимости → CVE-2025-49707
7.9высокая

CVE-2025-49707

→ есть в БДУ: BDU:2025-10040 (на русском)
Описание (на английском; русское — в БДУ выше)

Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.

Затрагиваемое ПО
Microsoft Ecesv6-series azure vm firmwareMicrosoft Ecesv6-series azure vmMicrosoft Dcesv6-series azure vm firmwareMicrosoft Dcesv6-series azure vmMicrosoft Nccadsh100v5-series azure vm firmwareMicrosoft Nccadsh100v5-series azure vmMicrosoft Ecedsv5-series azure vm firmwareMicrosoft Ecedsv5-series azure vmMicrosoft Ecesv5-series azure vm firmwareMicrosoft Ecesv5-series azure vmMicrosoft Dcedsv5-series azure vm firmwareMicrosoft Dcedsv5-series azure vmMicrosoft Dcesv5-series azure vm firmwareMicrosoft Dcesv5-series azure vmMicrosoft Ecadsv5-series azure vm firmwareMicrosoft Ecadsv5-series azure vmMicrosoft Ecasv5-series azure vm firmwareMicrosoft Ecasv5-series azure vmMicrosoft Dcadsv5-series azure vm firmwareMicrosoft Dcadsv5-series azure vmMicrosoft Dcasv5-series azure vm firmwareMicrosoft Dcasv5-series azure vm
CVSS
Балл7.9 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Источники
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49707