Microsoft Microsoft Configuration Manager 2409
4 CVEs affecting Microsoft Microsoft Configuration Manager 2409. Latest disclosed: 2025-11-11. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-59213 | High | 8.8 | 2025-10-14 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an unauthorized attacker to elev… |
CVE-2025-55320 | Medium | 6.8 | 2025-10-14 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevat… |
CVE-2025-47179 | Medium | 6.7 | 2025-11-11 | Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally. |
CVE-2025-59501 | Medium | 4.8 | 2025-10-31 | Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network. |