CVE-2025-47178
Published Jul 8, 2025
Last updated 8 months ago
- Description
- Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- configuration_manager_2503
CVSS 3.1
- Type
- Primary
- Base score
- 8
- Impact score
- 5.9
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- secure@microsoft.com
- CWE-89
- Hype score
- Not currently trending
New Update | #Microsoft has released hotfix KB34503790, a revised security update for #ConfigMgr versions 2403, 2409, 2503 that resolves the vulnerability described in CVE-2025-47178 - https://t.co/7q5l0cn0qh
@PrajwalDesai
9 Sept 2025
151 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Time to update your Configuration Manager. (KB34503790) A revised update is available to resolve the vulnerability described in CVE-2025-47178. The revision also improves the security of discovery data records (DDR) processing. #ConfigMgr
@MMelkersen
8 Sept 2025
4797 Impressions
17 Retweets
32 Likes
10 Bookmarks
0 Replies
3 Quotes
🚨New Hotfix Update🚨 | Microsoft has released the KB33926600 security update💻 for #ConfigMgr versions 2403 and 2409 on July 30, 2025, addressing the vulnerability🪲outlined in CVE-2025-47178 - https://t.co/BMwGG0VEJC
@PrajwalDesai
31 Jul 2025
229 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
⚡UPDATES! July 9 #ViaMonstraOfficeHours featuring @jarwidmark 💻 SQL Injection vulnerability: CVE-2025-47178, #Intune multi-tenant strategy, and more! #ViaMonstraAcademy Full Office Hours 7.9.25 ➡️ https://t.co/dZRDa3O8Y9 https://t.co/DdL1zVrMMZ
@viamonstra
11 Jul 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-47178 Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code … https://t.co/z5GknAIcrY
@CVEnew
9 Jul 2025
582 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:configuration_manager_2503:*:*:*:*:*:*:*:*",
"matchCriteriaId": "325E8047-7EA2-47EA-87C3-3A5A6A081AA9",
"versionEndExcluding": "5.00.9135.1003",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]