CVE-2025-27489
HIGHDescription
Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.
Is your site exposed to CVE-2025-27489?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| microsoft | azure_stack_hci_22h2 |
| microsoft | azure_stack_hci_23h2 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-27489? +
How severe is CVE-2025-27489? +
What products are affected by CVE-2025-27489? +
How do I check if I'm vulnerable to CVE-2025-27489? +
Related Vulnerabilities
Zervit's portable HTTP/web server is vulnerable to remote DoS attacks when a configuration reset request is made. The vulnerability is …
A POST request sent to a specific webserver endpoint can be used to write to arbitrary file locations. The endpoint …
Penetration Testing engineers at Amazon have discovered a flaw where the camera system fails to properly handle data supplied in …
A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted …
A security flaw was discovered in the NETGEAR WAX333 Access Point that could allow someone already logged in and connected …
A security flaw was discovered in certain NETGEAR Nighthawk RAX series routers that could allow someone already logged in to …