cvelistv5 - cve-2025-59501

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59501",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-03T15:01:04.972100Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-03T15:03:47.861Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Configuration Manager",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "5.00.9128.1037",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Configuration Manager 2409",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "5.00.9132.1031",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:configuration_manager:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.00.9128.1037",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:configuration_manager_2409:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.00.9132.1031",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2025-10-24T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "CWE-290: Authentication Bypass by Spoofing",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-04T20:04:00.739Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft Configuration Manager Spoofing Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59501"
        }
      ],
      "title": "Microsoft Configuration Manager Spoofing Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2025-59501",
    "datePublished": "2025-10-31T16:45:40.699Z",
    "dateReserved": "2025-09-17T03:06:33.547Z",
    "dateUpdated": "2025-11-04T20:04:00.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-59501\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2025-10-31T17:15:46.517\",\"lastModified\":\"2025-11-05T18:17:55.247\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:configuration_manager_2403:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.00.9128.1037\",\"matchCriteriaId\":\"DD3A7EF4-3494-4BE8-8ACA-C5DFF72CD6AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:configuration_manager_2409:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.00.9132.1031\",\"matchCriteriaId\":\"85ED19B5-E9EB-4203-8EF2-1C221B22CF41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:configuration_manager_2503:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.0.9135.1013\",\"matchCriteriaId\":\"7C22B35A-E6F2-4FD5-AEA2-F31850DDA104\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59501\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-59501\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-03T15:01:04.972100Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-03T15:01:28.445Z\"}}], \"cna\": {\"title\": \"Microsoft Configuration Manager Spoofing Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Microsoft Configuration Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"5.00.9128.1037\", \"versionType\": \"custom\"}], \"platforms\": [\"Unknown\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Configuration Manager 2409\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"5.00.9132.1031\", \"versionType\": \"custom\"}], \"platforms\": [\"Unknown\"]}], \"datePublic\": \"2025-10-24T07:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59501\", \"name\": \"Microsoft Configuration Manager Spoofing Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-290\", \"description\": \"CWE-290: Authentication Bypass by Spoofing\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:microsoft:configuration_manager:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.00.9128.1037\", \"versionStartIncluding\": \"1.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:configuration_manager_2409:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.00.9132.1031\", \"versionStartIncluding\": \"1.0.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2025-10-31T20:28:48.214Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-59501\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T15:03:47.861Z\", \"dateReserved\": \"2025-09-17T03:06:33.547Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2025-10-31T16:45:40.699Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

ghsa-9wxc-6566-9fgm

Vulnerability from github

Published

2025-10-31 18:31

Modified

2025-10-31 18:31

Severity ?

4.8 (Medium) - CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-59501"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-290"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-31T17:15:46Z",
    "severity": "MODERATE"
  },
  "details": "Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.",
  "id": "GHSA-9wxc-6566-9fgm",
  "modified": "2025-10-31T18:31:14Z",
  "published": "2025-10-31T18:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59501"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59501"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

msrc_cve-2025-59501

Vulnerability from csaf_microsoft

Published

2025-10-14 07:00

Modified

2025-10-24 07:00

Summary

Microsoft Configuration Manager Elevation of Privilege Vulnerability

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Customer Action

Required. The vulnerability documented by this CVE requires customer action to resolve.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "\u003ca href=\"https://x.com/unsigned_sh0rt\"\u003eGarrett Foster\u003c/a\u003e with \u003ca href=\"https://specterops.io/\"\u003eSpecterOps, Inc.\u003c/a\u003e"
        ]
      },
      {
        "names": [
          "\u003ca href=\"https://x.com/unsigned_sh0rt\"\u003eGarrett Foster\u003c/a\u003e with \u003ca href=\"https://specterops.io/\"\u003eSpecterOps, Inc.\u003c/a\u003e"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      },
      {
        "category": "general",
        "text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
        "title": "Customer Action"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2025-59501 Microsoft Configuration Manager Elevation of Privilege Vulnerability - HTML",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59501"
      },
      {
        "category": "self",
        "summary": "CVE-2025-59501 Microsoft Configuration Manager Elevation of Privilege Vulnerability - CSAF",
        "url": "https://msrc.microsoft.com/csaf/advisories/2025/msrc_cve-2025-59501.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Exploitability Index",
        "url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Microsoft Configuration Manager Elevation of Privilege Vulnerability",
    "tracking": {
      "current_release_date": "2025-10-24T07:00:00.000Z",
      "generator": {
        "date": "2025-10-31T16:43:47.186Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2025-59501",
      "initial_release_date": "2025-10-14T07:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-10-24T07:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c5.00.9128.1037",
            "product": {
              "name": "Microsoft Configuration Manager 2403 \u003c5.00.9128.1037",
              "product_id": "3"
            }
          },
          {
            "category": "product_version",
            "name": "5.00.9128.1037",
            "product": {
              "name": "Microsoft Configuration Manager 2403 5.00.9128.1037",
              "product_id": "12402"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Configuration Manager 2403"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c5.0.9135.1013",
            "product": {
              "name": "Microsoft Configuration Manager 2503 \u003c5.0.9135.1013",
              "product_id": "2"
            }
          },
          {
            "category": "product_version",
            "name": "5.0.9135.1013",
            "product": {
              "name": "Microsoft Configuration Manager 2503 5.0.9135.1013",
              "product_id": "16788"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Configuration Manager 2503"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c5.00.9132.1031",
            "product": {
              "name": "Microsoft Configuration Manager 2409 \u003c5.00.9132.1031",
              "product_id": "1"
            }
          },
          {
            "category": "product_version",
            "name": "5.00.9132.1031",
            "product": {
              "name": "Microsoft Configuration Manager 2409 5.00.9132.1031",
              "product_id": "20545"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Configuration Manager 2409"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-59501",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "general",
          "text": "Microsoft",
          "title": "Assigning CNA"
        },
        {
          "category": "faq",
          "text": "For the vulnerability, this means the exploitation requires a specific and uncommon condition: an Active Directory user account must exist with a matching user principal name (UPN)  that was not properly synchronized to Microsoft Entra ID.",
          "title": "According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?"
        },
        {
          "category": "faq",
          "text": "An attacker could exploit this vulnerability by modifying the user principal name (UPN) of a valid Microsoft Entra ID account or create a new Account to impersonate an Active Directory user with the same UPN that was not synchronized to Entra ID. Successful exploitation could allow the attacker to gain unauthorized administrative control over Microsoft Configuration Manager and its managed clients.",
          "title": "How could an attacker exploit this vulnerability?"
        },
        {
          "category": "faq",
          "text": "This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.",
          "title": "According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?"
        }
      ],
      "product_status": {
        "fixed": [
          "12402",
          "16788",
          "20545"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59501 Microsoft Configuration Manager Elevation of Privilege Vulnerability - HTML",
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59501"
        },
        {
          "category": "self",
          "summary": "CVE-2025-59501 Microsoft Configuration Manager Elevation of Privilege Vulnerability - CSAF",
          "url": "https://msrc.microsoft.com/csaf/advisories/2025/msrc_cve-2025-59501.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-24T07:00:00.000Z",
          "details": "5.00.9128.1037:Security Update:https://learn.microsoft.com/en-us/intune/configmgr/hotfix/2409/35360093",
          "product_ids": [
            "3"
          ],
          "url": "https://learn.microsoft.com/en-us/intune/configmgr/hotfix/2409/35360093"
        },
        {
          "category": "vendor_fix",
          "date": "2025-10-24T07:00:00.000Z",
          "details": "5.0.9135.1013:Security Update:https://learn.microsoft.com/en-us/intune/configmgr/hotfix/2503/32851084",
          "product_ids": [
            "2"
          ],
          "url": "https://learn.microsoft.com/en-us/intune/configmgr/hotfix/2503/32851084"
        },
        {
          "category": "vendor_fix",
          "date": "2025-10-24T07:00:00.000Z",
          "details": "5.00.9132.1031:Security Update:https://learn.microsoft.com/en-us/intune/configmgr/hotfix/2409/35360093",
          "product_ids": [
            "1"
          ],
          "url": "https://learn.microsoft.com/en-us/intune/configmgr/hotfix/2409/35360093"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 4.2,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Spoofing"
        },
        {
          "category": "exploit_status",
          "details": "Publicly Disclosed:No;Exploited:No"
        }
      ],
      "title": "Microsoft Configuration Manager Elevation of Privilege Vulnerability"
    }
  ]
}

fkie_cve-2025-59501

Vulnerability from fkie_nvd

Published

2025-10-31 17:15

Modified

2025-11-05 18:17

Severity ?

4.8 (Medium) - CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network.

References

	URL	Tags
	secure@microsoft.com	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59501	Vendor Advisory

Impacted products

Vendor	Product	Version
microsoft	configuration_manager_2403	*
microsoft	configuration_manager_2409	*
microsoft	configuration_manager_2503	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:configuration_manager_2403:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD3A7EF4-3494-4BE8-8ACA-C5DFF72CD6AC",
              "versionEndExcluding": "5.00.9128.1037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:configuration_manager_2409:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85ED19B5-E9EB-4203-8EF2-1C221B22CF41",
              "versionEndExcluding": "5.00.9132.1031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:configuration_manager_2503:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C22B35A-E6F2-4FD5-AEA2-F31850DDA104",
              "versionEndExcluding": "5.0.9135.1013",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network."
    }
  ],
  "id": "CVE-2025-59501",
  "lastModified": "2025-11-05T18:17:55.247",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "secure@microsoft.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-10-31T17:15:46.517",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59501"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "secure@microsoft.com",
      "type": "Primary"
    }
  ]
}

CERTFR-2025-AVI-0928

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans Microsoft Configuration Manager. Elle permet à un attaquant de provoquer une élévation de privilèges.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	Microsoft Configuration Manager	Microsoft Configuration Manager 2403 versions antérieures à 5.00.9128.1037
Microsoft	Microsoft Configuration Manager	Microsoft Configuration Manager 2503 versions antérieures à 5.0.9135.1013
Microsoft	Microsoft Configuration Manager	Microsoft Configuration Manager 2409 versions antérieures à 5.00.9132.1031

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-59501 (GCVE-0-2025-59501)

Vulnerability from cvelistv5

ghsa-9wxc-6566-9fgm

Vulnerability from github

msrc_cve-2025-59501

Vulnerability from csaf_microsoft

fkie_cve-2025-59501

Vulnerability from fkie_nvd

CERTFR-2025-AVI-0928

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature