CVE-2024-49035

Published Nov 26, 2024

Last updated 8 months ago

Exploit knownCVSS high 8.7
Server

Overview

AI description

Automated description summarized from trusted sources.

CVE-2024-49035 is an improper access control vulnerability found in Microsoft Partner Center (partner.microsoft.com). This flaw allows unauthenticated attackers to gain elevated privileges over a network. The vulnerability was disclosed by Microsoft in November 2024. Microsoft credited Gautam Peri, Apoorv Wadhwa, and an anonymous researcher for reporting the vulnerability. The Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities Catalog, indicating it has been observed being actively exploited in the wild.

Description
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
Source
secure@microsoft.com
NVD status
Modified
CNA Tags
exclusively-hosted-service
Products
partner_center

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Microsoft Partner Center Improper Access Control Vulnerability
Exploit added on
Feb 25, 2025
Exploit action due
Mar 18, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

secure@microsoft.com
CWE-269
nvd@nist.gov
NVD-CWE-Other

Social media

Hype score
Not currently trending

  1. [HIGH] CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation CISA added CVE-2024-49035 to KEV Catalog due to active exploitation. CVE: CVE-2024-49035 • APT: N/A • Status:… https://t.co/MbznxsfPzt

    @MysocAi

    26 Feb 2026

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [HIGH] CISA Adds Microsoft and Zimbra Flaws to KEV Catalog CISA adds Microsoft and Zimbra vulnerabilities to KEV; remediation required. CVE: CVE-2024-49035 • APT: N/A • Stat… https://t.co/7lPHzk9hrI

    @MysocAi

    26 Feb 2026

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: ( https://t.co/umXAROzILN

    @THEHACKERPRK

    25 Jun 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (…) https://t.co/r07fpK

    @THEHACKERPRK

    21 Jun 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/2fV1fiYE60…)

    @walletwardenn

    19 Apr 2025

    61 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/2fV1fiYE60…)

    @walletwardenn

    19 Apr 2025

    72 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/MPs2YgP22W…)

    @Numero_Hacks

    13 Apr 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/fsiCPwS00I…)

    @nathy_hackers

    1 Apr 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/Uld9sf1RzZ…)

    @John08987

    31 Mar 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/eL6mIN6wAi…)

    @digital_hack6

    27 Mar 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/UFdvAPacWg…)

    @recoverythreata

    27 Mar 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/28uWAZuGes…)

    @EthicalHack21

    23 Mar 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/zzUxb93uRV…)

    @Cyber_Recover12

    22 Mar 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/zzUxb93uRV…)

    @Cyber_Recover12

    21 Mar 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/NIu1skgdgd…)

    @JOE_HACKER1

    20 Mar 2025

    65 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/aTTn63279U…)

    @Mr_James_Cyber

    20 Mar 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/aTTn63279U…)

    @Mr_James_Cyber

    20 Mar 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/5EhdO34zav…)

    @Recoverytheate

    20 Mar 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/NIu1skgdgd…)

    @JOE_HACKER1

    20 Mar 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/fU7P8x4DGz…)

    @Herbert_Termux

    19 Mar 2025

    98 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/EWaMDc2cR9…)

    @help_center11

    11 Mar 2025

    53 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/JVRhmHVpR1…)

    @savana_recovery

    10 Mar 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    10 Mar 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  24. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    10 Mar 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  25. Actively exploited CVE : CVE-2024-49035, CVE-2023-34192

    @transilienceai

    9 Mar 2025

    73 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  26. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    9 Mar 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  27. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    8 Mar 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  28. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    7 Mar 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  29. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    7 Mar 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  30. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    5 Mar 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  31. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    4 Mar 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  32. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    3 Mar 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  33. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    2 Mar 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  34. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    1 Mar 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  35. Actively exploited CVE : CVE-2024-49035, CVE-2023-34192

    @transilienceai

    28 Feb 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  36. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    28 Feb 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  37. Actively exploited CVE : CVE-2024-49035, CVE-2023-34192

    @transilienceai

    28 Feb 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  38. CISA (U.S. Cybersecurity Agency) has warned that two dangerous vulnerabilities are being actively used in attacks: 1. Microsoft Partner Center flaw (CVE-2024-49035) 2. Synacor Zimbra Collaboration Suite flaw (CVE-2023-34192) 📖 Full details here: (https://t.co/6jycjWiyri…)

    @AJTheTech

    27 Feb 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    27 Feb 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  40. 🚨 Security Alert: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Microsoft's Partner Center (CVE-2024-49035) to its Known Exploited Vulnerabilities Catalog, citing active exploitation.

    @allnewsjack

    27 Feb 2025

    97 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  41. Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-49035 #Microsoft Partner Center Improper Access Control Vulnerability https://t.co/7gRaVEBjse

    @ScyScan

    26 Feb 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. ⚠️ Vulnerability Alert: Microsoft Partner Center Privilege Escalation Vulnerability 📅 Timeline: Disclosed: 2024-11-01, Patched: November 2024 📌 Attribution: CISA confirmed active exploitation 🆔 CVE ID: CVE-2024-49035 📊 Base Score: 9.8 📏 CVSS Metrics:… https://t.co/

    @syedaquib77

    26 Feb 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    26 Feb 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  44. csirt_it: ‼️ #Microsoft: rilevato lo sfruttamento attivo in rete della vulnerabilità CVE-2024-49035 – già sanata dal vendor – relativa al prodotto #MicrosoftPartnerCenter Rischio: 🟠 Tipologia: 🔸 Elevation of Privilege 🔗 https://t.co/pl4YPcJh9B 🔄 … https://t.co/O9etfvly4q

    @Vulcanux_

    26 Feb 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. 🚨CVE Alert: Microsoft Partner Center Improper Access Control Vulnerability Exploited In The Wild🚨 Vulnerability Details: CVE-2024-49035 (8.7/10) Microsoft Partner Center Improper Access Control Vulnerability Impact A Successful exploit may allow an a unauthenticated attacker

    @CyberxtronTech

    26 Feb 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. 🔐 CISA has just added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog—both actively exploited. Hook: Microsoft Partner Center’s CVE-2024-49035 and Synacor ZCS’s CVE-2023-34192 are putting organizations at risk. Read the full article:… https://

    @TheHackersNews

    26 Feb 2025

    34078 Impressions

    31 Retweets

    89 Likes

    11 Bookmarks

    1 Reply

    0 Quotes

  47. Actively exploited CVE : CVE-2024-49035

    @transilienceai

    26 Feb 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  48. Microsoft patches 4 critical security flaws, including one exploited in the wild (CVE-2024-49035). Fixes for Power Apps, Copilot Studio, Azure, & Dynamics 365 are available. Update your apps! #Cyber https://t.co/UlmlJ9X7ts

    @TLDRStories

    3 Dec 2024

    41 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  49. Here are some notable updates in information security: Vulnerabilities and Patches - Microsoft addressed critical security flaws in its AI, cloud, and ERP offerings, with one flaw (CVE-2024-49035) already being exploited in the wild. - Palo Alto Networks patched… https://t.

    @johnmstark

    1 Dec 2024

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. Alerte ! Microsoft corrige les failles de sécurité dans l'IA, le Cloud et l'ERP, dont une exploitée activement. La vulnérabilité CVE-2024-49035 est évaluée à 8.7 CVSS. Analyse pour les Analystes Sécurité #Cybersecurite #ExploitZeroDay 👉 https://t.co/KTKvSrZsV4

    @CyberAlertFr

    30 Nov 2024

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service (DoS) vulnerability affects Deskflow servers running with TLS enabled (the default). When any TCP peer connects to the listening port and its first bytes do not parse as a valid TLS ClientHello, SecureSocket::secureAccept enters its fatal-error branch and calls Arch::sleep(1) (a blocking 1-second sleep) on the multiplexer worker thread. That thread services every socket on the server, including established TLS clients delivering mouse motion, keyboard events, and clipboard updates. A single failed handshake therefore stalls input delivery to all connected screens for ~1 second, and a sustained drip of malformed connections (≥ 1/s) makes the server effectively unusable while the attack persists. This vulnerability is fixed in 1.26.0.167.CVE-2026-44296
  2. In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.CVE-2026-43500
  3. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().CVE-2026-43284
  4. BerriAI LiteLLM SQL Injection VulnerabilityCVE-2026-42208
  5. Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network.CVE-2026-34327

References

Sources include official advisories and independent security research.