What is CVE-2025-53765?

CVE-2025-53765 is a medium-severity vulnerability in Microsoft Azure Stack Hub, classified under Exposure of Private Personal Information to an Unauthorized Actor. CVSS score: 4.4/10. Published 2025-08-12.

How severe is CVE-2025-53765?

Medium severity. CVSS v3 base score is 4.4 out of 10.

Vulnerability in Microsoft Azure Stack Hub

CVE-2025-53765

Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally.

EPSS: 0.006 (69.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.4 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C.

Affected products

Microsoft Azure Stack Hub — versions 1.0.0

Weakness classification (CWE)

CWE-359 — Exposure of Private Personal Information to an Unauthorized Actor

References

Azure Stack Hub Information Disclosure Vulnerability (vendor-advisory, patch)

Frequently asked questions

What is CVE-2025-53765?: CVE-2025-53765 is a medium-severity vulnerability in Microsoft Azure Stack Hub, classified under Exposure of Private Personal Information to an Unauthorized Actor. CVSS score: 4.4/10. Published 2025-08-12.
How severe is CVE-2025-53765?: Medium severity. CVSS v3 base score is 4.4 out of 10.