CVE-2025-33074
HIGHDescription
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.
Is your site exposed to CVE-2025-33074?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| microsoft | azure_functions |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-33074? +
How severe is CVE-2025-33074? +
What products are affected by CVE-2025-33074? +
How do I check if I'm vulnerable to CVE-2025-33074? +
Related Vulnerabilities
The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability …
DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase enterprise token handling can let TokenFilter#doFilter() …
The Microsoft 365 and Microsoft Entra ID Plugins for Moodle provide Office 365 and Azure Active Directory integration for Moodle. …
OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX …
Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical vulnerability was discovered in the ismp-grandpa crate, that allowed …
aes-gcm is a pure Rust implementation of the AES-GCM. In decrypt_in_place_detached, the decrypted ciphertext (which is the correct ciphertext) is …